Privacy Policy for Dedichen
Powered by SIGNATU  
Published: a few seconds ago (July 6, 2022)
Who is responsible for processing your personal data?

Responsibility and role

We decide why and how your personal data are processed. We are responsible for processing your personal data.

  • Data protection officer

    We have a data protection officer.

    Contact

    The contact details are: Helene

  • Recipient

    We are a recipient of your personal data.

  • Enterprise

    We are an enterprise.

Archived Privacy Policy versions
Prior Privacy Policy versions are available at:
What is new in our Privacy Policy?

Changes

Important changes in this Privacy Policy version are:

When is our Privacy Policy published and effective?

When

Our privacy policy is:

  • effective as of:

    12.03.2020

  • published:

    12.03.2020

What does our Privacy Policy cover?

Where and what

Our Privacy Policy applies to:

  • our website: https://dedichen.com and https://dapt.ch
  • our e-mail: hello(at)dedichen.com
In which situations do we process your personal data?

Categories of individuals

We collect personal data:

  • of persons that send us emails and of website visitors

Situation

We process your personal data in a situation that concerns:

  • an activity that is professional or commercial.
  • an online activity. on https://dedichen.com and https://dapt.ch.
How do we collect your personal data?

How we collect

We collect your personal data in the following ways:

  • with: with email communication.
From which source do we collect your personal data?

Source

We collect your personal data from the following sources:

  • directly from you: Personal data, including email address and email content, is collected by email communication.

Whether you must provide personal data

These are the personal data you:

  • have permission to give us, and of your own free will give us (voluntary data):

    • email.
    • email content.

No consequence for not providing personal data that are voluntary to give

There are no consequences for not giving us the voluntary personal data above.

What are our legal grounds for processing your personal data?

Regular and/or "sensitive" personal data

We process your:

  • regular personal data.

Our legal ground for processing your regular personal data is:

  • a request from you before the entry into a contract.

    Personal data we process based on this legal ground is:

    • email.
    • email content.
Do we perform automated decision-making and automated profiling?

Profiling

We use your personal data to automatically evaluate aspects of your personality.

This profiling:

  • can include analysis of your characteristics.
  • can include predictions of your behaviour.
  • are made solely by automated means are without a human influence.

No automated decision-making

We do not use your personal data to make automated decisions about you.

How long do we keep your personal data?

  • Storage limitation

    We limit the duration we store your personal data to what is necessary for our processing purposes.

  • Storage review

    We continuously review the necessity of our continued storage of your personal data: If you want us to delete your email address and / or your email content, then please send us a message.

Storage required by law

If the further retention of your personal data is necessary for the purposes that are specified by law, we can further retain your personal data.

Do we share your personal data?

Disclosure to recipients

We disclose your personal data to the following recipients:

  • Uberspace.de is used as platform for this website and the email hell(at)dedichen.com. Uberspace.de is a data processor.
  • Fathom Analytics is used to provide website analytics. Fathom Analytics collects zero personal or personally identifiable information from website visitors.

Our legal grounds for disclosing your personal data to the recipients are:

  • Data processing agreement with Uberspace.de.
Do we transfer your personal data outside the EU or EEA?

No transfers to countries outside the EU and EEA

We do not transfer your personal data to:

  • countries outside the EU and EEA, or
  • an international organization.
Are your personal data secure?

Security

We secure your personal data:

  • with appropriate technical measures,
  • with appropriate organisational measures,
  • with an appropriate level of security,
  • against unauthorised processing,
  • against unlawful processing,
  • against accidental or unlawful loss,
  • against accidental or unlawful destruction, and
  • against accidental or unlawful damage.

Actions when security breach is discovered

If we have a reasonable degree of certainty of a breach of the security of the processing of your personal data, then we will:

  • notify the Supervisory Authority about the security breach, if the personal data breach is likely to lead to a risk for your rights and freedoms.
What are your rights?

Promise to fulfil rights

You have specific legal rights relating to the personal data we collect from you.

We will respect your individual rights and will deal with your concerns adequately.

Right to access

You may ask from us information regarding personal data that we hold about you, including:

  • information as to which categories of personal data we have in our possession or control,
  • what your personal data are being used for,
  • where we collect your personal data, if not from you directly, and
  • to whom your personal data have been disclosed, if applicable.

We will provide you with a copy of your personal data upon your request.

If you ask for further copies of your personal data, then we can charge you with a reasonable fee that we base on the administrative costs.

Right to rectification

You have the right to obtain from us rectification of your personal data, that are inaccurate or incomplete, in the latter case provided you supply the corrected or supplementary information.

Right to erasure

You have the right to request that we delete the personal data we process about you.

We must comply with this request if we process your personal data, and if:

  • the personal data is no longer necessary for the fulfilment of the purposes for which they have been collected;
  • you object to the processing based on our legitimate interest or withdraw your consent;
  • the personal data has been processed unlawfully;
  • the personal data must be deleted in order to observe a legal obligation incumbent on us.

We must not comply with this request your personal data is necessary:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation that binds us;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes; or
  • for the establishment, exercise or defence of legal claims.

Right to restriction

You have the right to obtain from us restriction of processing of your personal data, if:

  • you contest the accuracy of your personal data, for the period we need to verify the accuracy,
  • the processing is unlawful and you request the restriction of processing rather than erasure of your personal data,
  • we no longer need your personal data but you require them for the establishment, exercise or defense of legal claims, or
  • you object to the processing while we verify whether our legitimate grounds override yours.

Right to object to direct marketing

You have the right to always object to the processing of your personal data for direct marketing that was based on our legitimate interest, regardless of any reason.

If the marketing was based on your consent, you can withdraw consent.

How can you exercise your rights?

Communication about rights available

We invite you to communicate with us about the exercise of your rights concerning the protection of your personal data.

Written requests

We only accept written requests since we cannot deal with verbal requests immediately without first:

  • analysing the content of the request, and
  • identifying you.

Describe right to exercise

Your request should contain a detailed, accurate description of which right you want to exercise.

Identification document

You must provide us with a copy of an identification document to confirm your identity, for example:

  • an ID card or
  • a passport.

The document should contain:

  • an identification number,
  • country of issue,
  • period of validity,
  • your name,
  • your address, and
  • your date of birth.

Any other data contained in the copy of the identification document such as a photo or any personal characteristics, may be masked out.

We will not accept other means of assuring your identity.

If you wish to propose alternatives, we will assess them on a case-by-case basis.

Our use of the information on your identification document:

  • is limited to verify your identity, and
  • will not be stored for longer than needed for this purpose.

Where send request

You can send your request that concerns the protection of your personal data to:

  • our email address at: hello(at)dedichen.com

Answer to request

You receive our answer to your request that concerns the protection of your personal data at:

  • your email address.

Time to respond to request

We inform you of our handling of your request that we exercise your rights (regarding the protection of your personal) within:

  • a month of the reception of your request.
Do you have a right to complain?

Complain to a supervisory authority

You can lodge a complaint to a supervisory authority:

  • where you usually live in the EU and the EEA.
  • at the place of your work in the EU and the EEA.
  • at the place of the alleged infringement in the EU and the EEA.

The Supervisory Authority should within a reasonable period inform you of:

  • the progress of the complaint, and
  • the outcome of the complaint.

Mandate an organization to complain

You can mandate that an organization lodges a complaint on your behalf with a Supervisory Authority.

The Supervisory Authority should within a reasonable period inform you of:

  • the progress of the complaint, and
  • the outcome of the complaint.

Judicial remedy

You can seek a judicial remedy in the EU and the EEA against:

  • a controller,
  • a processor, and
  • a Supervisory Authority.

Mandate an organization to exercise your right

You can mandate that an organization exercises your right:

  • to a judicial remedy on your behalf.
  • to a compensation for a damage as a result of a breach of the law on the protection of the personal data on your behalf.
Can you choose your privacy settings?

No privacy settings

Currently, we do not offer privacy settings where you can choose why and how we process your personal data.

Are we certified and do we follow a code of conduct?

  • Self-assessment of correctness of this policy

    We self-assess that the:

    • attestations in this policy are true, and
    • assertions in this policy are true.
Explanation of words and expressions in this Privacy Policy
Unless otherwise defined this Privacy Policy, all terms used in this Privacy Policy will have the meanings given to them below:

  • Personal data

    Personal data means any information relating to an identified or identifiable natural person (data subject).

    An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as:

    • a name
    • an identification number
    • location data
    • an online identifier
    • the physical identity of a natural person
    • the physiological identity of a natural person
    • the genetic identity of a natural person
    • the mental identity of a natural person
    • the identity of a natural person
    • the economic identity of a natural person
    • the cultural identity of a natural person
    • the social identity of a natural person

  • Sensitive personal data

    Sensitive personal data are - in the GDPR - named special categories of personal data.

    Personal data are sensitive if processing of personal data reveal:

    • racial origin
    • ethnic origin
    • political opinions
    • religious beliefs
    • philosophical beliefs
    • trade union membership

    Also, personal data are sensitive if:

    • genetic data is processed for the purpose of uniquely identifying a natural person
    • biometric data is processed for the purpose of uniquely identifying a natural person

    Sensitive personal data are also:

    • data concerning health
    • data concerning a natural person's sex life
    • data concerning a natural person's sexual orientation

  • Regular personal data

    Regular personal data are - in the GDPR - personal data that are not special categories of personal data. There is no exhaustive list of such personal data.

  • Processing

    Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as:

    • collection
    • recording
    • organisation
    • structuring
    • storage
    • adaptation
    • alteration
    • retrieval
    • consultation
    • use
    • erasure or destruction
    • etc.

  • Processing Purpose

    Processing Purpose means the reason why you process personal data.

  • Controller

    Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for in Union or Member State law.

  • Processor

    Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  • Recipient

    Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

  • Supervisory Authority

    Supervisory Authority means an independent public authority which is established by a Member State pursuant to Article 51 GDPR.

  • Personal Data Breach

    Personal Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

  • Enterprise

    Enterprise means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity.