Your trust is of highest priority to us. We consider the protection of your personal data as an important trust building factor and therefore treat your Personal Data confidential at all time, in compliance with the applicable data protection law.
This Privacy Notice covers processing of Personal Data by The Cultured Hub AG and provides you with answers to the following questions, which may arise in connection with procession of Personal Data by The Cultured Hub during your business relationship with The Cultured Hub. In certain situations, additional, separate Privacy Notices will be presented.
If not indicated differently in a separate notice, contract document or other communication as the case might be with your contact from The Cultured Hub, the following entity is responsible for the processing of your Personal Data as Controller.
The Cultured Hub, Kempttpark 21/23, 8310 Kemptthal, Switzerland
In case the Controller is not The Cultured Hub as mentioned above and the respective local entity has appointed a data protection officer, you can contact us below.
For questions, please contact us under: dataprotection@theculturedhub.com
In accordance with this Privacy Notice we may also transfer your Personal Data to another The Cultured Hub entity or to third parties (this may also include public authorities) so that these recipients can process personal data for their own or the Controller’s purposes. These recipients act either as Processors or independent Controllers. This Privacy Notice states where such may be the case.
Depending on the individual occasion, we process very different Personal Data for various purposes. Among other situations, we will process in the respective situation the hereinafter mentioned Personal Data for the described purpose:
If you contact us or when we contact you (in writing, electronically or by phone), we will process Personal Data such as name and contact data (postal address, e-mail or phone number) and the content and time of the relevant messages. We use this data for providing you the requested service, giving you information, process your request and to communicate with you. It is important to us, that you can contact us. We can also forward messages within the Group to the responsible entity or office.
When you use our Online Services, we will process Personal Data such as IP-address, log data, information about the time our website was accessed and/or the app was installed and/or you have consented to the receipt of a newsletter, the duration of the visit, the pages accessed, device specific information, and all data that is provided to us through an online facility, which data may include an e-mail address, user name and credit card information and additionally we may, depending on the offer, also process information of the use of your customer account, your location or your shopping behavior. In case of a newsletter, we may additionally process Personal Data concerning the delivery of the newsletter, if and when you have opened and forwarded the newsletter as well as links you have clicked on.
We use these Personal Data for providing the Online Services, we further use it to improve our IT security. Based on the processed Personal Data we are able to make the relevant offer or further offers to you or to the company you work for and to process your offer. This may include opening and managing a customer account in your name or informing you about changes and providing you further information through the electronic newsletter. We also process Personal Data in order to develop our Online Services on an ongoing basis. By using your customer account we get to know you better and can provide you with personalized services. Finally, we process Personal Data in connection with Online Services in order to better understand the behaviour and interests of our customers. You are under no obligation to provide this Personal Data to us, but we may not be able to process a request or provide an online facility if you fail to provide such Personal Data.
We also use "cookies", which are small text files that are temporarily or permanently stored on your device when you visit our website. Cookies are often required for the functionality of the website. Others are used to personalize the offer. However, logs and cookies often do not contain personal data because we are often unable to assign this information to you. We also use analysis services such as Google Analytics. Within the use of such services, detailed information about the use of the relevant website is collected, but such information is also often not personal. Finally, we may use functionalities from providers such as Facebook, which may result in the provider concerned processing data about you. Further details about the used cookies, our evaluation of your user behavior or further social plug-ins and how to prevent these processing steps can be found here.
When you enter our premises, we may make video recordings in appropriately marked areas for security and evidence purposes. We may thereby obtain information about your actions in the relevant areas. Any Personal Data collected by video recordings is only available for processing to specific employees for your own safety, the safety of our employees and for evidence purpose. If criminal acts are suspected, we can make the recordings available to the prosecution authorities. If you do not want to be recorded, we must ask you not to enter the relevant areas.
You may also be able to use a Wi-Fi service. In this case, we collect device-specific data in the course of your use, and we may ask you to enter your name and e-mail address when registering. Even though we will usually not be able to assign the device specific data to a specific person, we will collect your log-in data. Additionally we will process the duration of the connection, the location of the used Wi-Fi service and the volume of data used. We process this information in order to provide you with Wi-Fi services and for IT security purposes. The use of our Wi-Fi service is voluntary. However, it may not be possible to use the Wi-Fi service without your Personal Data being processed accordingly.
For an event (might it be for advertising, sponsoring, cultural and sporting reason), we process Personal Data such as name, contact details and participation, other data (f.e. date of birth) depending on the event. We process this information for the purpose of carrying out customer events, but also to get in direct contact with you and get to know you better. Participation in customer events is voluntary, but usually not possible without the processing of Personal Data.
If you are one of our business partners, might it be a supplier, commercial customer, cooperation partner or service provider, depending on the field of activity we process different Personal Data about the contact persons in your company, e.g. name, function, title, contact information or further information available from third party resources such as Worldcheck.
We need to process such Personal Data for the performance of our contract (i.e. check whether we obtain services from you or deliver them to you or whether we want and can work together with you, to check whether your company offers the required security standards, to plan the work schedules of our employees and, if necessary, of the your employees), improvement of our customer orientation, customer satisfaction and customer loyalty. None of your employees is obliged to provide us with Personal Data. Yet, if they do not wish to provide us with the required Personal Data, we may not be able to work with you. In exceptional cases we are even legally obliged to process such Personal Data.
We process Personal Data such as name, function, contact details or further personal information for our internal and group-internal administration, as well as accounting and archiving purposes and generally for checking and improving internal processes. These purposes may relate to us or to other Group entities.
We may process Personal Data, relating to the contact person or employees of companies included in corporate deals, in order to prepare and process company takeovers, sales and purchases or sales of assets such as receivables or real estate and similar transactions. The scope of Personal Data processed depends on the subject and stage of transaction and may include Sensitive Personal Data. The purpose of this data processing is to check the corresponding transactions and to carry them out where applicable. Notifications to local and foreign authorities may also be required.
When you are applying to us, we will process your Personal Data relating to your application (f. e. name, date of birth, curriculum vitae, qualifications, certificates; if necessary, also Sensitive Personal Data) in order to assess whether you are qualified for the respective job position and to discuss possible employment with you. With your consent, we may also keep your application pending if we, or you, refrain from employment with a view to a possible later employment. It is voluntary to provide the respective Personal Data, but we cannot process an application without the necessary Personal Data.
In order to comply with legal requirements, we install preventive measures to ensure compliance or detect and clarify abuses (e.g. operation of a fraud reporting system, internal investigations or the disclosure of documents to an authority). We may also process Personal Data to comply with a legal requirement or government request.
We process Personal Data, e.g. name of the counterparty, in various constellations in order to protect our rights, e.g. to assert claims in and out of court and before local and foreign authorities or to defend ourselves against claims. Thereby authorities may require us to disclose documents containing Personal Data.
We may also evaluate your Personal Data and combine it with other information, such as non-personal statistical information and other Personal Data that we have collected about you, in order to derive information about your preferences and affinities with certain products or services.
Appropriate technical and organizational security measures are implemented in order to safeguard the security of your Personal Data and to protect it against unauthorised or unlawful processing, prevent the risk of loss, unintentional alteration, unintentional disclosure or unauthorised access. However, the electronic transfer of information in particular entails security risks that cannot be completely ruled out. If you transfer information electronically, you do so at your own risk.
Should we use your Personal Data for Automate Individual Decision Making, we will inform you accordingly in accordance with applicable legal obligations.
We process your Personal Data based on the following legal grounds:
We retain your Personal Data no longer than it is necessary for the purposes for which the information is collected. We moreover retain Personal Data as long as we have a legitimate interest in the storage, for archiving purposes and for guaranteeing IT security or in the case of running statutes of limitations (often 10 years, in some cases 5 years or 1 year). We also retain your Personal Data as long as it is subject to a legal retention obligation (certain documents have a 10 year retention period; some even 25 years).
Our employees have access to your Personal Data as far as it is necessary for the described purposes and the work of the employees concerned. They act in accordance with our instructions and are bound to confidentiality and secrecy when handling your Personal Data.
We may also transfer your personal data to other entities within the Group for the purpose of internal group administration and for the purposes described in this Privacy Notice. This means that your Personal Data can also be processed and combined with Personal Data originating from another Group entity for the respective purposes, to the extent permitted under applicable law.
We may also disclose your Personal Data to third party Processors. Processors are obliged to process the Personal Data exclusively on our behalf and according to our instructions.
Moreover, we may review or execute transactions such as mergers or the acquisition or sale of individual parts of an entity or its assets. In this context, the transfer of Personal Data to another company may be necessary. In these cases, for reasons of confidentiality, it is not always possible to inform you in advance if your Personal Data is affected. However, we will inform you as early as possible in each individual case and do our best under economical and reasonable circumstance to process as little Personal Data as possible.
Additionally we may disclose your Personal Data to other recipients if this is so required by law. We also reserve the right to share your Personal Data in accordance with a court order or to assert or defend legal claims or if we consider it necessary for other legal reasons.
The recipients of your Personal Data may be located abroad including in countries outside of the EU, UK or the EEA. The countries concerned may not have laws that protect your Personal Data to the same extent as the laws in Switzerland, the EU, UK or the EEA do. If we disclose your Personal Data to recipient located in such a third country, we will take appropriate measures to ensure the protection of your Personal Data, for example by concluding a data transfer agreement, that includes contracts approved, issued or recognised by the European Commission and the Federal Data Protection and Information Commission to ensure the necessary data protection with the third country recipients. Additionally we may transfer Personal Data to recipients who have joined the US Privacy Shield program.
Please contact us if you would like to obtain a copy of our data transfer contracts or if you wish to receive further information about how we protect your Personal Data when disclosing it to a third country.
It is important for us to point out, that you can at any time object to the processing of your Personal Data or freely withdraw your consent to the processing of your Personal Data. If you revoke your consent, effectively object to processing for a specific purpose, we no longer process your Personal Data for the corresponding purpose.
Additionally you may have the following rights, in accordance with applicable laws:
You have the right to be informed transparently, clearly and comprehensively about how we process your Personal Data and what rights you have in connection with the processing of your Personal Data. This Privacy Notice fulfils this obligation. If you would like further information, please contact us.
You have the right to request, at any time, access to your Personal Data stored and processed by us. This gives you the opportunity to check which Personal Data we process about you and to verify that it is used in accordance with the applicable data protection regulations. The right to information may be limited or excluded, in case no sufficient identification is given, it is necessary to protect the rights and freedoms of other Data Subjects, the right to access is used excessively, a comprehensive provision of information would generate disproportionate efforts.
You have the right to have incorrect or incomplete Personal Data corrected or completed and to be informed of such rectification.
You have the right to request that your Personal Data is erased if the Personal Data no longer necessary for the purposes pursued, consent has effectively been withdrawn or there is an effective objection and if Personal Data is processed unlawfully.
The Right to Erasure might be excluded if the Personal Data is necessary for the exercise of freedom of expression and information, to perform a legal task or a task in the public interest or for the establishment, exercise or defense of legal claims.
Under certain circumstances, you have the right to request that the processing of your Personal Data be restricted (e.g. no further processing at all or removal of published Personal Data).
You have the right to receive the Personal Data concerning you, which you have provided to us, in a commonly used and machine-readable format, provided that processing is based on your consent or is necessary for the performance of the contract and the processing is carried out by automated means. Depending on the individual case, your Personal Data may be transferred to you or directly to another Controller.
You have the right to lodge a complaint with a competent supervisory authority about the way we handle or process your Personal Data. Alternatively you may inform us under dataprotection@theculturedhub.com.
If you have given your consent to the processing of your personal data for a specific purpose, you can at any time freely withdraw your consent. The withdrawal of your consent has no effect on the legitimacy of the processing of your data carried out before the withdrawal. If you revoke your consent, we may no longer process your personal data for the corresponding purposes.
If we process your Personal Data due to our legitimate interests, you can at any time object to the processing. Your objection should indicate the reasons why we should not process your Personal Data. If your objection is justified, we will cease the processing of your Personal Data.
You may also object to the processing for direct marketing purposes.
We may update this Privacy Notice from time to time if we change our data processing activities. We expect most such changes to be minor, but there may be changes that are more significant.
Irrespective of the extent of any modification the most current Privacy Notice will always be posted on this page (www.theculturedhub.com/privacy), more significant changes will be communicated more prominently and if you are registered with us, we will actively inform you, if this is possible without disproportionate effort. In general, however, a data processing activity is subject to version of the Privacy Notice which is the latest version at the beginning of the relevant processing.
This Privacy Notice was issued on November 14th, 2022.