Privacy
In order to comply with Europe’s privacy policies (GDPR) and Switzerland’s Federal Act on Data Protection (nFADP), we offer the following disclosure about what data is collected by this website and how it is used.
With this data protection declaration we inform you which personal data we process for what purpose, how and where, in particular in connection with our website and our other offers. With this data protection declaration, we also inform you about the rights of persons whose data we process.
Special, supplementary or further data protection declarations as well as other legal documents such as general terms and conditions (GTC), terms of use or conditions of participation may apply to individual or additional offers and services.
Our offer is subject to Swiss data protection law and any applicable foreign data protection law, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognises that Swiss data protection law ensures adequate data protection.
WHO WE ARE
Our website address is: https://www.brandspace.ch
This website is run and hosted on Squarespace
This website is owned and operated by:
Joanne Bergin and Justine Miller
BrandSpace Gmbh
Pfarrhausgasse 5
8706 Meilen
Switzerland
PROCESSING OF PERSONAL DATA
Terms
Personal data is all information that relates to a specific or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, collection, deletion, storage, modification, destruction and use of personal data.
The European Economic Area (EEA) comprises the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) describes the processing of personal data as processing of personal data.
Legal Bases
We process personal data in accordance with Swiss data protection law, in particular the Federal Data Protection Act (DSG) and the Ordinance on the Federal Data Protection Act (VDSG).
If and to the extent that the General Data Protection Regulation (GDPR) is applicable, we process personal data in accordance with at least one of the following legal bases:
Article 6 paragraph 1 letter b GDPR for the necessary processing of personal data to fulfill a contract with the data subject and to carry out pre-contractual measures.
Article 6 (1) (f) GDPR for the necessary processing of personal data in order to protect our legitimate interests or those of third parties, provided that the fundamental freedoms and fundamental rights and interests of the data subject do not prevail. Legitimate interests are in particular our interest in being able to provide our offer in a permanent, user-friendly, secure and reliable manner and to be able to advertise it if necessary, information security and protection against misuse and unauthorized use, the enforcement of our own legal claims and compliance with Swiss law.
Art. 6 (1) (c) GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under any applicable law of member states in the European Economic Area (EEA).
Article 6 paragraph 1 lit. e GDPR for the necessary processing of personal data to perform a task that is in the public interest.
Article 6 paragraph 1 lit. a GDPR for the processing of personal data with the consent of the person concerned.
Article 6 paragraph 1 lit. d GDPR for the necessary processing of personal data in order to protect the vital interests of the data subject or another natural person.
Nature, scope and purpose
We process the personal data that is necessary to be able to provide our offer permanently, user-friendly, securely and reliably. Such personal data can fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data and usage data, location data, sales, contract and payment data.
We process personal data for the period that is required for the respective purpose or purposes or by law. Personal data that no longer needs to be processed will be made anonymous or deleted. Persons whose data we process have a fundamental right to erasure.
In principle, we only process personal data with the consent of the person concerned, unless the processing is permissible for other legal reasons, for example to fulfill a contract with the person concerned and for corresponding pre-contractual measures to protect our overriding legitimate interests, because the processing is apparent from the circumstances or after prior information.
In this context, we process in particular information that a person concerned voluntarily and himself transmits to us when contacting us – for example by post, e-mail, contact form, social media or telephone – or when registering for a user account. We can store such information, for example, in an address book or with comparable tools. If you transmit personal data to us via third parties, you are obliged to ensure data protection against such third parties and to ensure the accuracy of such personal data.
We also process personal data that we receive from third parties, procure from publicly accessible sources or collect when providing our offer, if and to the extent that such processing is permitted for legal reasons.
Processing of personal data by third parties, also abroad
We can have personal data processed by commissioned third parties or process it together with third parties and with the help of third parties or transmit it to third parties. Such third parties are in particular providers whose services we use.
Such third parties are may be located in Switzerland, in the European Economic Area (EEA) or other countries and territories on earth as well as elsewhere in the universe, provided that their data protection law is in the opinion of the Federal Data Protection and Information Commissioner (FDPIC) and – insofar as and to the extent that the General Data Protection Regulation (GDPR) is applicable – in accordance with the assessment the European Commission adequate data protection is guaranteed, or if adequate data protection is guaranteed for other reasons, such as by a corresponding contractual agreement, in particular on the basis of standard contractual clauses, or by a corresponding certification. In exceptional cases, such a third party may be located in a country without adequate data protection, provided that the data protection requirements, such as the express consent of the person concerned, are met.
RIGHTS OF DATA SUBJECTS
Affected persons whose personal data we process have the rights under Swiss data protection law. This includes the right to information as well as the right to correction, deletion or blocking of the processed personal data.
Affected persons whose personal data we process can – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – receive confirmation free of charge as to whether we are processing their personal data and, if so, request information about the processing of their personal data, restrict the processing of their personal data exercise their right to data transferability and have their personal data corrected, deleted (“right to be forgotten”), blocked or completed.
Affected persons whose personal data we process can – if and to the extent that the GDPR is applicable – revoke a given consent at any time with effect for the future and object to the processing of their personal data at any time.
To request the deletion of your personal data, send an request to admin@brandspace.ch
Affected persons whose personal data we process have a right of appeal to a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
DATA SECURITY
We take appropriate and reasonable technical and organizational measures to ensure data protection and, in particular, data security. However, despite such measures, the processing of personal data on the Internet can always have security gaps. We can therefore not guarantee absolute data security.
Our online offer is accessed using transport encryption (SSL/TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated as HTTPS). Most browsers mark transport encryption with a padlock in the address bar.
Access to our online offering is subject – like basically any internet use – to mass surveillance without cause or suspicion, as well as other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and others states. We have no direct influence on the corresponding processing of personal data by secret services, police stations and other security authorities.
USE OF WEBSITE
Cookie Declaration
You can turn off the use of cookies and delete cookies at anytime through your specific browser settings.
Server Log Files
We can record the following information for each access to our website, provided that this is transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-pages of our website accessed including amount of data transferred, website last accessed in the same browser window (referrer).
We store such information, which may also represent personal data, in server log files. The information is required in order to provide our online offer in a permanent, user-friendly and reliable manner and to be able to ensure data security and thus in particular the protection of personal data – also by third parties or with the help of third parties.
Online booking
Our website has an online booking mechanism for events. We collect and process user data when you:
Register for one of our events online.
Voluntarily sing up to our newsletter, send as an inquiry or other message through our webpages or by e-mail, letter or over a phone, complete a customer survey or provide feedback on any of our message boards or via email.
Use or view our website via your browser’s cookies.
While you visit our website and book an event we’ll ask you to provide information including your name, billing address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for many purposes, such as, to:
Send you information about your account and order
Respond to your requests, including refunds and complaints
Process payments and prevent fraud
Comply with any legal obligations we have, such as calculating taxes
Improve our offerings
Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for seven (7) years for tax and accounting purposes. This includes your name, email address and billing address.
Membership portal
By filing a membership application or filing for any other services provided by BrandSpace, and/or using BrandSpace’s Platform, the user of the Platform agrees with the collection and use of public or non-public information and personal data by BrandSpace as provided in this Privacy Policy.
NOTIFICATIONS AND NOTICES
We send notifications and communications such as newsletters via email and other communication channels such as instant messaging.
Consent and Objection
In principle, you must expressly consent to the use of your e-mail address and your other contact addresses, unless the use is permitted for other legal reasons. If possible, we use the ‘double opt-in’ procedure for any consent to receive e-mails, i.e. you will receive an e-mail with a web link that you must click to confirm, so that no misuse by unauthorised third parties can be done. We may log such consents, including Internet Protocol (IP) address and date and time, for evidentiary and security reasons.
You can always unsubscribe from notifications and communications such as newsletters. By unsubscribing, you can, in particular, object to the statistical recording of use for measuring success and reach. We reserve the right to notifications and communications that are absolutely necessary for our offer.
Success and Reach Measurement
Notifications and communications may contain web links or web beacons that record whether an individual communication was opened and which web links were clicked on. Such web links and tracking pixels can also record the use of notifications and communications on a personal basis. We need this statistical recording of usage to measure success and reach in order to be able to offer notifications and messages based on the needs and reading habits of the recipients in an effective, user-friendly, permanent, secure and reliable manner.
Notification and Communication Service Providers
We send notifications and communications through third party services or with the help of service providers. Cookies can also be used for this. We also guarantee appropriate data protection for such services.
In particular, we use Squarespace – website platform incorporated in Delaware, USA. Privacy policy and Data processing addendum.
Users may subscribe to our email newsletter by using a form on our website, which collects their email address. We use Squarespace to store and manage this email list but these emails are not used by Squarespace for their own purposes. Users may opt-out of the email list at any time, which will remove their email from our sending list but continue to store the email with a “do not contact” flag. If you wish your email to be permanently deleted from our Squarespace database, please contact us.
We occasionally run promotions offering free content in exchange for signing up for our newsletter. If you wish to have the free content without subscribing, please contact us to receive that content. We never share email address from our list with third-party companies.
SOCIAL MEDIA
We are present on social media platforms and other online platforms in order to be able to communicate with interested persons and to be able to provide information about our offer. Personal data can also be processed outside of Switzerland and the European Economic Area (EEA).
The general terms and conditions (GTC) and terms of use as well as data protection declarations and other provisions of the individual operators of such online platforms also apply. These provisions provide information in particular about the rights of data subjects, including in particular the right to information.
We are jointly responsible with Facebook Ireland Limited in Ireland for our social media presence on Facebook, including the so-called page insights, if and to the extent that the GDPR is applicable. The page insights provide information about how visitors interact with our Facebook presence. We use page insights to provide our social media presence on Facebook in an effective and user-friendly manner.
Further information on the type, scope and purpose of data processing, information on the rights of data subjects and the contact details of Facebook and Facebook’s data protection officer can be found in Facebook’s data protection declaration (“Data Protection Policy”) . We have concluded the so-called “Supplement for those responsible” with Facebook and, in particular, have agreed that Facebook is responsible for guaranteeing the rights of data subjects. For the so-called page insights, the corresponding information can be found on the pages “Information on page insights” , including “Page Insights supplement regarding the person responsible” and “Information on page insights data” , each from Facebook.
SUCCESS AND RANGE MEASUREMENT
We use services and programs to determine how our online offering is used. In this context, we can, for example, measure the success and reach of our online offer as well as the effect of third-party links on our website. In particular, we use:
Google Analytics: Google Analytics collects anonymous information about your visit to our website, including where users are located (country, city) and demographic information such as age and gender. This information cannot identify you personally. Google Analytics is used for success and range measurement; Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; Information on data protection: Measurement also across different browsers and devices (cross-device tracking) as well as with pseudonymised Internet Protocol (IP) addresses, which are only transmitted in full to Google in the USA in exceptional cases , “Principles of data protection and security” , data protection declaration , «Guide to data protection in Google products» (including Google Analytics) ,“How we use data from websites or apps on which our services are used” (information from Google) , “How Google uses cookies” , “Browser add-on to deactivate Google Analytics” , “Personalized advertising” (activation / deactivation / settings) .
Google Tag Manager: integration and management of services for success and range measurement as well as other services from Google and third parties; Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; Information on data protection can be found in connection with the integrated and managed services.
THIRD PARTY SERVICES
We use third-party services in order to be able to provide our offer permanently, user-friendly, securely and reliably. Such services are also used to embed content in our website. Such services – for example hosting and storage services, video services and payment services – require your Internet Protocol (IP) address, otherwise such services cannot transmit the corresponding content. Such services may be located outside of Switzerland and the European Economic Area (EEA), provided that adequate data protection is guaranteed.
For their own security-relevant, statistical and technical purposes, third parties whose services we use can also process data in connection with our offer and from other sources – including cookies, log files and tracking pixels – in an aggregated, anonymous or pseudonymised form.
Digital Infrastructure
We use third-party services in order to be able to use the digital infrastructure required for our offer. These include, for example, hosting and storage services from specialised providers.
We use Squarespace as our web platform: https://www.squarespace.com/privacy
We use the plugin Acuity Scheduling in our pages and online calendar and Bonsai to manage projects.
Payments
We accept payments in our online shop through Stripe, which is a worldwide-used secured service. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.
Information shared with a payment provider to process payments includes:
Name
Email
Address
Phone
City/Postcode
Unique payment identifier
Payment provider identifier
How payment provider Stripe uses our data
To better understand how a provider uses and stores the data shared with them, check their privacy policies directly: Stripe: https://stripe.com/gb/privacy
Social Media Features and Social Media Content
We use third party services and plugins to embed features and content from social media platforms and to enable sharing of content on social media platforms and other means.
In particular, we use:
Facebook (social plugins): Embedding of Facebook functions and Facebook content, for example “Like” or “Share”; Providers: Facebook Inc. (USA) / Facebook Ireland Ltd. (Ireland); Information on data protection: data protection declaration.
Instagram platform: embedding Instagram content; Providers: Facebook Inc. (USA) / Facebook Ireland Ltd. (Ireland); Information on data protection:data protection declaration (Instagram) , data protection declaration (Facebook) .
Pinterest (social plugins): embedding functions and content or pins from Pinterest (example: “Save button” ); Providers: Pinterest Europe Ltd. (Ireland) for users in the European Economic Area (EEA) / Pinterest Inc. (USA) for users in the rest of the world; Information on data protection: «Privacy, Security and Legal» , Privacy Policy , Cookie Policy .
Audio Visual Media
We use third-party services to enable the direct playback of audiovisual media such as music or videos on our website.
In particular, we use:
YouTube: videos; Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; Information on data protection: “Principles of data protection and security” , data protection declaration , “Guide to data protection in Google products” (including YouTube) , “How Google uses cookies” , “Personalised advertising” (activation / deactivation / settings) .
DO NOT SELL
We do not and have not sold and do not plan to sell personal information collected through this website. However, we respect and understand that you may still want to ensure that your personal information is not sold. There, if you would still like to proceed with your “do not sell my information” request, we ask that you contact us at the email address at the top of our privacy policy page.
FINAL PROVISIONS
This privacy policy is subject to change without notice and was last updated on 1 January 2024. If you have any questions about this policy, please contact me directly at the email address mentioned at the top.
We reserve the right to amend or add to this statement at any time at our discretion.