Bauwerk Group AG is the owner of the website www.bauwerk-group.com and is therefore responsible for the collection, processing and use of your personal data and the compatibility of data processing with the applicable data protection law.
Your trust is important to us, which is why we take the subject of data protection seriously and pay attention to appropriate security. Of course, we comply with the legal provisions of the Federal Data Protection Act (DSG), the Ordinance to the Federal Data Protection Act (VDSG), the Telecommunications Act (FMG) and other applicable data protection provisions of Swiss or EU law, in particular the Basic Data Protection Regulation (DSGVO).
In order for you to know what personal data we collect from you and for what purposes we use it, please take note of the information below.

A. DATA PROCESSING IN CONNECTION WITH OUR WEBSITE
1. Visit our website

When you visit our website, our servers temporarily store each access in a log file. As with any connection to a web server, the following technical data is recorded without your intervention and stored by us after 58 months at the latest until it is automatically deleted:

• the IP address of the requesting computer,
• is the name of the owner of the IP address range (usually your Internet access provider),
• the date and time of access,
• the website from which the access was made (referrer URL), if applicable with the search term used,
• is the name and URL of the retrieved file,
• the status code (for example, error message),
• the operating system of your computer,
• the browser you are using (type, version and language),
• the transmission protocol used (e.g. HTTP/1.1) and
• your username from a registration/authentication.

These data are collected and processed for the purpose of enabling the use of our website (connection establishment), to permanently guarantee system security and stability and to enable the optimisation of our Internet offer as well as for internal statistical purposes. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f DSGVO.
The IP address is also evaluated together with the other data in the event of attacks on the network infrastructure or other unauthorised or abusive use of the website for reconnaissance and defence purposes and may be used in the course of criminal proceedings to identify and prosecute the users concerned under civil and criminal law. This is our legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f DSGVO.

2. Use of our contact form

You have the possibility to use a contact form to get in touch with us. For this we absolutely need the following information:

• First Name
• Last Name
• Company
• Adress
• Zip Code
• City
• Phone
• E-Mail
• Message

We only use this data as well as a telephone number that you voluntarily provide in order to answer your contact enquiry in the best possible and personalised way. The processing of this data is therefore necessary for the implementation of pre-contractual measures within the meaning of Art. 6 para. 1 lit. b DSGVO or is in our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

B. STORAGE AND EXCHANGE OF DATA WITH THIRD PARTIES

3. Storage period

We only store personal data for as long as it is necessary to use the tracking services mentioned above and the further processing within the scope of our legitimate interest. We keep contractual data for a longer period of time, as this is prescribed by legal storage obligations. Storage obligations, which oblige us to store data, result from regulations concerning the right to report, accounting and tax law. According to these regulations, business communications, contracts concluded and accounting records must be kept for up to 10 years. If we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.

4. Transfer of data to third parties

We will only pass on your personal data if you have expressly consented, if there is a legal obligation or if this is necessary for the enforcement of our rights, in particular for the enforcement of claims arising from the contractual relationship. Furthermore, we pass on your data to third parties as far as this is necessary in the context of the use of the website and the contract processing (also outside the website), namely the processing of your bookings.

One service provider to whom the personal data collected via the website is passed on or who has or can have access to it is our web host Hostpoint, Rapperswil. The website is hosted on servers in Switzerland. The data is passed on for the purpose of providing and maintaining the functionalities of our website. This is our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

5. Transfer of personal data to other countries

We are entitled to transfer your personal data to third parties (commissioned service providers) abroad for the purpose of the data processing described in this data protection declaration. These are obliged to the same extent as we ourselves to data protection. If the level of data protection in a country does not correspond to that in Switzerland or Europe, we contractually ensure that the protection of your personal data corresponds at all times to that in Switzerland or the EU.

C. MORE INFORMATION

6. Right of access, rectification, cancellation and limitation of processing; right to data transferability
You have the right to request information about the personal data that we store about you. In addition, you have the right to correct incorrect data and to have your personal data deleted, insofar as this does not conflict with any legal obligation to retain data or an event of authorisation which allows us to process the data.

You also have the right to reclaim from us the data that you have provided to us (right of data portability). Upon request, we will also pass the data on to a third party of your choice. You have the right to receive the data in a common file format.

You can contact us for the above-mentioned purposes via the e-mail address
info@bauwerk-group.com. We may, at our sole discretion, require proof of identity to process your applications.

7. Data security

We use appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially when you share your computer with others.

We also take internal data protection very seriously. Our employees and the service companies commissioned by us have been obliged by us to maintain confidentiality and to comply with data protection regulations.

8. Note on data transfers to the USA

For reasons of completeness, we would like to point out to users residing or domiciled in Switzerland that monitoring measures are in place in the USA by US authorities, which generally allow the storage of all personal data of all persons whose data was transmitted from Switzerland to the USA. This is done without differentiation, restriction or exception on the basis of the objective pursued and without an objective criterion which makes it possible to limit the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes which can justify the intervention associated with both access to these data and their use. Furthermore, we would like to point out that there are no legal remedies available in the USA for the data subjects from Switzerland which would allow them to gain access to the data concerning them and to obtain their correction or deletion, or that there is no effective legal protection against general access rights of US authorities. We explicitly point out this legal and factual situation to the person concerned in order to make an appropriately informed decision to consent to the use of his data.

Users residing in an EU Member State are advised that the US does not have an adequate level of data protection from the point of view of the European Union, partly because of the issues mentioned in this section. If we have explained in this privacy policy that recipients of data (such as Google) are based in the USA, we will ensure that your data is protected by our partners at an appropriate level, either by contractual arrangements with these companies or by ensuring that these companies are certified under the EU or Swiss-US privacy label.

Last updated: January 2021