AIMAI

Data protection

1. General information on data protection

1.1 Controller

Microliving AG | Kompetenzzentrum für Mikrowohnen
Lagerplatz 21
8400 Winterthur
SWITZERLAND

Phone: +41 52 548 26 26
E-mail: info@microliving-ag.ch

2. In general

The meaning of the terms used, such as “personal data” or their “processing”, can be found in Article 4 of the EU General Data Protection Regulation (GDPR).

3. Types of data processed

Inventory data (e.g., names, addresses).
Contact data (e.g., e-mail, telephone numbers).
Content data (e.g., text entries, photographs, videos).
Usage data (e.g., websites visited, interest in content, access times).
Meta/communication data (e.g., device information, IP addresses).

4. Data subjects

Visitors and users of the online offer (hereinafter we also refer to the data subjects collectively as “users”).

5. Purpose of the processing

Provision of the online offer, its functions and content
Responding to contact requests and communicating with users
Security measures
Reach measurement/marketing

6. Privacy policy

We guarantee that your data will only be collected, processed, stored and used in connection with the processing of your inquiries and for internal purposes as well as to provide services requested by you or to provide content.

6.1 Principles of data processing

We only process users' personal data in compliance with the relevant data protection regulations. User data will only be processed if the following legal permissions apply

to provide contractual services (e.g. processing orders) and online services
the processing is required by law
if you have given your consent
on the basis of legitimate interests (i.e. interest in the analysis, optimization and economic operation and security
of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR, in particular when measuring reach, creating
profiles for advertising and marketing purposes and collecting access data and using the services of third-party providers)

We would like to show you where the above legal bases are regulated in the GDPR:

Consent Art. 6 para. 1 lit. a. and Art. 7 GDPR
Processing for the fulfillment of our services and implementation of contractual measures: Art. 6 para. 1 lit. b. GDPR
Processing for the fulfillment of our legal obligations: Art. 6 para. 1 lit. c. GDPR
Processing for the protection of our legitimate interests: Art. 6 para. 1 lit. f. GDPR

6.2 Data transfer to third parties

Data is only passed on to third parties within the framework of the legal requirements. We only pass on user data to third parties if this is necessary, for example, for contractual purposes or on the basis of legitimate interests in the economic and effective operation of our business operations.

If we use subcontractors or other processors to provide services, we take appropriate legal precautions and appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.

6.3 Data transfer to a third country or an international organization

Third countries are countries in which the GDPR is not directly applicable law. This basically includes all countries outside the EU or the European Economic Area.

Data will only be transferred to a third country or an international organization if appropriate/adequate safeguards are in place and enforceable rights and effective legal remedies are available to you.

You can obtain a copy of the appropriate safeguards at the following links

Privacy Shield: https://www.privacyshield.gov/list

Standard Contractual Clauses: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF

6.4 Storage duration of your personal data

We adhere to the principles of data minimization and data avoidance. This means that we only store the data you provide to us for as long as necessary to fulfill the aforementioned purposes or as stipulated by the various storage periods provided for by law. If the respective purpose no longer applies or after the corresponding periods have expired, your data will be routinely blocked or deleted in accordance with the statutory provisions.

6.5 Rights of the data subjects

You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.

You have accordingly. Art. 16 GDPR, you have the right to request the completion of data concerning you or the rectification of inaccurate data concerning you.

In accordance with Art. 17 GDPR, you have the right to demand that the data in question be deleted immediately or, alternatively, to demand that the processing of the data be restricted in accordance with Art. 18 GDPR.

You have the right to request to receive the data concerning you that you have provided to me in accordance with Art. 20 GDPR and to request its transfer to other controllers.

6.6 Right of revocation

You have the right to withdraw your consent in accordance with Art. 7 para. 3 GDPR with effect for the future.

6.7 Right to object

You can object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. The objection may be made in particular against processing for direct marketing purposes.

6.8 Forwarding of data to e.g. courts and authorities

We take the rights of injured parties very seriously in the event of misuse of our services. If ordered by a court, we will pass on data and information about users to the requesting authority. This also applies in particular if there is reasonable suspicion of misuse of our services. Misuse occurs when applicable laws are violated. In such cases, the user expressly consents to the forwarding of his or her data to courts and authorities. I would like to give you the legal basis for this:

Processing to fulfill a legal obligation: Art. 6 para. 1 lit. c. GDPR

6.9 Protection of your personal data

We take contractual, organizational and technical security measures in accordance with the state of the art to ensure that the provisions of the Data Protection Act are complied with and to protect the data processed by me against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

The security measures include in particular the encrypted transmission of data between your browser and my server.

For this purpose, 256-bit SSL (AES 256) encryption technology is used. This includes your IP address.

Your personal data is protected within the scope of the following points:

a) Maintaining the confidentiality of your personal data

In order to protect the confidentiality of your personal data stored by us, we have taken various measures to control access.

b) Safeguarding the integrity of your personal data

In order to protect the integrity of your personal data stored by us, we have taken various measures to control the transfer and input of data.

c) Safeguarding the availability of your personal data

In order to ensure the availability of your personal data stored by us, we have taken various measures to control orders and availability.

The security measures in use are continuously improved in line with technological developments.

Despite these precautions, we cannot guarantee the security of your data transmission to my online offering due to the insecure nature of the Internet. For this reason, any data transmission from you to my website is at your own risk.

6.10. Hosting and e-mail delivery

The hosting services we use serve to provide the following services:

Infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services that we use for the purpose of operating this online offering.

In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of contract).

Art. 28 GDPR (conclusion of order processing contract).

6.11. Contacting us

If you contact us by e-mail or via a contact form, you consent to electronic communication. When you contact us, personal data such as your name and e-mail address will be collected. Your data is transmitted in SSL-encrypted form. The information you provide will be stored exclusively for the purpose of processing your request and for possible follow-up questions.

We would like to provide you with the legal basis for this:

Processing for the fulfillment of our services and implementation of contractual measures: Art. 6 para. 1 lit. b. GDPR
Processing to protect our legitimate interests: Art. 6 para. 1 lit. f. GDPR

We would like to point out that e-mails can be read or changed without authorization and unnoticed during transmission. We would also like to point out that we use software to filter unwanted emails (spam filter). The spam filter can reject e-mails if they are falsely identified as spam due to certain characteristics.

7. Cookies

“Cookies” are small files that are stored on users' computers. Different information can be stored within the cookies.

A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit to an online service. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online service and closes their browser. The content of a shopping cart in an online store or a login status, for example, can be stored in such a cookie. Cookies that remain stored even after the browser is closed are referred to as “permanent” or “persistent”. For example, the login status can be saved if the user visits the website after several days. The interests of users can also be stored in such a cookie and used for reach measurement or marketing purposes. “Third-party cookies” are cookies that are offered by providers other than the controller who operates the online service (otherwise, if they are only the controller's cookies, they are referred to as ‘first-party cookies’).

We use temporary and permanent cookies and explain this in this privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

7.1 Control of cookies by the user

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/.

Browser cookies: You can set all browsers so that cookies are only accepted on request. Settings can also be made to only accept cookies whose pages are currently being visited. All browsers offer functions that enable the selective deletion of cookies. The acceptance of cookies can also be switched off in general, but then you may have to accept restrictions in the user-friendliness of this online offer.

Flash cookies: Flash cookies are the (locally) stored settings of the Flash Player. However, these are not browser cookies, which are managed by the respective browser settings, but separately via the Flash Player settings manager.

External link: www.macromedia.com/support/documentation/de/flashplayer/help/settings_manager03.html

7.1.1 Deactivating or removing cookies (opt-out)

Every web browser offers options for restricting and deleting cookies. Further information on this can be found on the following websites:

7.2 Use of first-party cookies (Google Analytics)

On the basis of our legitimate interest (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use Google Analytics, a web analysis service of Google LLC (“Google”). GDPR) Google Analytics, a web analysis service of Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymous user profiles of the users can be created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that the IP address of users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

The IP address transmitted by the user's browser will not be merged with other Google data.

Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on the use of data by Google, setting and objection options, can be found in Google's privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

The personal data of users will be deleted after 14 months.

Cookie	Dauer	Beschreibung
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	Dieses Cookie wird vom GDPR Cookie Consent Plugin gesetzt. Das Cookie wird verwendet, um die Zustimmung des Benutzers oder der Benutzerin für die Cookies der Kategorie "Analytics" zu speichern.
cookielawinfo-checkbox-functional	11 months	Dieses Cookie wird vom GDPR Cookie Consent Plugin gesetzt. Das Cookie wird verwendet, um die Zustimmung des Benutzers für die Cookies der Kategorie "Funktional" zu speichern.
cookielawinfo-checkbox-necessary	11 months	Dieses Cookie wird vom GDPR Cookie Consent Plugin gesetzt. Das Cookie wird verwendet, um die Zustimmung des Benutzers für die Cookies der Kategorie "Notwendige" zu speichern.
cookielawinfo-checkbox-notwendig	1 year	Dieses Cookie ist für das Cookie Consent Plugin und speichert, welche User*innen mit den Cookies in "Notwendig" einverstanden sind.
cookielawinfo-checkbox-others	11 months	Das Cookie wird durch die GDPR-Cookie-Zustimmung gesetzt, um die Zustimmung des Nutzers oder der Nutzerin für die Cookies der Kategorie "Werbung" zu erfassen.
cookielawinfo-checkbox-performance	11 months	Dieses Cookie wird vom GDPR Cookie Consent Plugin gesetzt. Das Cookie wird verwendet, um die Zustimmung des Benutzers für die Cookies der Kategorie "Performance" zu speichern.
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	Dieses Cookie wird vom GDPR Cookie Consent Plugin gesetzt. Das Cookie wird verwendet, um die Zustimmung des Benutzers oder der Benutzerin für die Cookies der Kategorie "Andere" zu speichern.

Cookie	Dauer	Beschreibung
_ga	2 years	Dieses Cookie ist notwendig für Google Analytics.
_ga_X6GQVEGZ35	2 years	Dieses Cookie ist notwendig für Google Analytics.
_gat_gtag_UA_217190380_1	1 minute	Dieses Cookie ist notwendig für Google Analytics.
_gid	1 day	Dieses Cookie ist notwendig für Google Analytics.