Privacy policy
- Introduction
- General Information on Data Processing
- Provision of the website and creation of log files
- White Papers
- Comments
- Email contact
- Disclosure of data to third parties
- Rights of the data subject
- Controller
1. Introduction
This privacy notice serves to inform you about how we handle the personal data collected, processed and stored through our website.
This privacy notice applies to the website of Travel in Motion AG. We assume no responsibility for the data protection regulation compliance of other websites linked on ours.
We reserve the right to change the contents of this privacy notice, especially if we offer new or modified services or if changes in the applicable legislation or legal precedents make modifications necessary or useful, as long as the user can reasonably be expected to accept them taking into account our legitimate interests.
2. General information on data processing
2.1 Scope of processing of personal data
We collect and process personal data of our users insofar as necessary for providing a functioning website and delivering our content and services, including the processing of orders placed through our online forms.
The collection and processing of our users’ personal data take place regularly only with the user’s consent. An exception applies to cases in which prior consent cannot be obtained for reasons of fact and the processing of the data is permitted by law.
2.2 Legal basis
Generally, the Swiss Federal Act on Data Protection (FADP) serves as the legal basis for this privacy notice. In addition, the EU General Data Protection Regulation (GDPR), which is frequently mentioned in this notice, applies for users from EU member states.
2.3 Data deletion and storage duration
A user’s personal data are deleted or blocked as soon as the purpose of storage ceases to apply. Storage can also occur if provided for by the European or national legislator in EU regulations, laws or other legislation to which the controller is subject.
Blocking or deletion of data also occurs when a storage period prescribed by the aforementioned legislation expires, unless there is a need for further storage of data for the conclusion or fulfilment of a contract.
3. Provision of the website and creation of log files
3.1 Description and scope of data processing
Our website can be visited without provision of any personal data. For every access query to our website, our system automatically collects data transmitted by the user’s web browser.
The following data are collected in this process:
- Browser type, version and language
- Operating system and language setting used
- Activated browser plugins
- Screen resolution
- Address of the website visited previously (referrer URL)
- Hostname of the user’s computer (IP address)
- Date and time of access
- Name of the file being requested
- Volume of data transmitted
- Report on successful data retrieval
These data are compiled in log files and saved on our server. No further personal data are stored together with the log file data.
3.2 Legal basis
- Switzerland: Art. 6 FADP
- EU: Art. 6 para. 1 lit. f GDPR
3.3 Purpose
The temporary storage of the IP address by our system is necessary for granting the user’s system access to our website. For this purpose, the user’s IP address must be stored for the duration of the session.
Data storage in log files is required to ensure the functioning of the website. Furthermore, the data allows us to optimise the website and ensure the security of our IT systems. No data analysis for marketing-related purposes is performed in this context.
These purposes correspond to the legitimate interests in data processing in accordance with the abovementioned legal basis.
3.4 Duration of storage
The data are deleted as soon as they are no longer needed to fulfil the purpose for which they were collected. In the case of data collection for the purpose of providing the website, this is the case as soon as the session ends. In the case of data storage in logfiles, this is the case after 10 weeks. In the case of statistical information, this is the case after 12 months.
3.5 Ability to object and delete
The collection of data for the provision of the website and the storage of data in logfiles is necessary for the operation of the website. The website user therefore has no ability to object to the processing of their data.
4. White Papers
4.1 Description and scope of data processing
On our website people can order white papers by filling in a simple form. In addition to the data on the ordered item, the following personal data are collected:
- First name
- Last name
- Email address
- Company name (optional)
- Function (optional)
- IP address
- IP address based location
4.2 Legal basis
- Switzerland: Art. 6 FADP
- EU: Art. 6 para. 1 lit. f GDPR
4.3 Purpose
We collect, store and process these data in order to provide you with the requested white paper and further company information.
4.4 Duration of storage
Data is stored for the period during you receive updates from us.
4.5 Ability to object and delete
You can have your data removed on request anytime. Please contact us.
5. Comments
5.1 Description and scope of data processing
You can comment our blog posts. For this purpose, we collect the following personal data:
- Name
- Email address
- Website address (optional)
- IP address
5.2 Legal basis
- Switzerland: Art. 6 FADP
- EU: Art. 6 para. 1 lit. a GDPR
5.3 Purpose
We collect, store and process these data in order to publish your comment in your name, reply to you and protect our blog from spam.
5.4 Duration of storage
These data are stored for 5 years or you request us to delete it.
5.5 Ability to object and delete
You can object to the storage of the data by requesting us to delete it.
6. Email contact
6.1 Description and scope of the processing of personal data
On our website, users can personally contact us via email by using the email address provided. In this case, the sender’s personal data transmitted along with the email message are stored.
These data are:
- Email address
- Name
In addition, further data commonly used for email messages are transmitted and stored, such as:
- Subject
- Message content and email attachments
- Sender’s IP address
- Host name of the mail server
- Host names of the relaying servers
- Date and time of submission
- Email application used
6.2 Legal basis
- Switzerland: Art. 6 FADP
- EU: Art. 6 para. 1 lit. a, b and f GDPR
6.3 Purpose
The data are used only to process the communication. This corresponds to the legitimate interests in processing personal data.
6.4 Duration of storage
The data are deleted as soon as they are no longer needed to fulfill the purpose for which they were collected. For personal data transmitted by email, this is the case after 10 years at the latest.
6.5 Ability to object and delete
The user has the possibility to withdraw their consent to have their personal data processed at any time. When the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, we can no longer communicate with the user.
In this case, all personal data stored in the communication process will be deleted.
7. Disclosure of data to third parties
7.1 Description and scope of the processing of personal data
We may disclose our users’ personal data collected through our website to third parties in order to carry out our activities or fulfill contracts.
The following data may be disclosed:
- Log files, web analysis data and orders may be disclosed to our hoster and webmasters in Switzerland (see below).
The scope of the data is described above.
When a user contacts us in writing or by telephone or is in a customer relationship with us, we may also disclose personal data to the following third parties for the following purposes:
- To Microsoft Coorporation, Redmond, WA, USA: addresses, email (data scope: contact data, email messages).
The privacy policy (https://go.microsoft.com/fwlink/?LinkId=521839) and data processing agreement (https://legal.hubspot.com/dpa) applies. - To HubSpot, Cambridge, MA, USA: customer relation management (data scope: contact data, email messages and communication history).
The privacy policy of HubSpot applies, see https://legal.hubspot.com/privacy-policy. - To a Swiss bank: for payments (data scope: payment information)
- To Swiss tax authorities: to fulfill tax obligations (data scope: invoice data)
7.1.1 Unencrypted emails
Due to the open nature of the email service, it cannot be ruled out that data transmitted by email are viewed by third parties, in particular when emails are unencrypted.
7.1.2 Data retention
Data transmitted over the internet may be viewed, stored and processed by third parties such as internet providers or state institutions. According to the Swiss Federal law on the surveillance of post and telecommunications traffic (SPTA), Swiss internet providers are obliged to store internet metadata (this is called “data retention”). Similar regulations may apply in other states.
7.2 Legal basis
- Switzerland: Data retention: Federal law on the surveillance of post and telecommunications traffic (SPTA)
- EU: Art. 6 para. 1 lit. f GDPR
7.3 Purpose
The purpose of the collection, storage, transmission and processing of these data is mentioned above.
7.4 Duration of storage
The duration of storage is mentioned in the paragraph on the respective data collection context. The storage of personal data in a customer relationship depends on the duration of the customer relationship. In tax matters, the retention period stipulated by the legislator is applicable (10 years at most).
7.5 Ability to object and delete
The possibilities described in the paragraph on the respective data collection context apply. You can have address data stored with us deleted at any time, which generally ends the customer relationship.
8. Rights of the data subject
If your personal data are processed, you are a data subject as contemplated by the GDPR (EU) or the FADP (Switzerland).
If you are a data subject as contemplated by the FADP, you have various rights in relation to the controller (right to information, right to notification, right to data portability), see chapter 4 of the FADP.
If you are a data subject as contemplated by the GDPR, you have various rights in relation to the controller (right to information, right to rectification, right to restriction of processing, right to erasure, right to notification, right to data portability, right to object, right to withdraw consent, right to lodge a complaint). You can find more details in chapter III of the GDPR.
9. Controller
Travel in Motion AG
Hernerholzgasse 35
CH-8810 Horgen
Phone: +41 79 540 12 41
Updated: 18 March 2024