Data protection
​
We ("we", "us", "our") take the privacy of users ("user" or "you") of our website and/or mobile app (the "Website" or the "Mobile App") very seriously and are committed to protecting the information that users provide to us in connection with the use of our Website and/or Mobile App (collectively, "Digital Assets"). Furthermore, we are committed to protecting and using your data in accordance with applicable law.
​
This Privacy Policy explains our practices regarding the collection, use and disclosure of your information through the use of our digital assets (the "Services") when you access the Services through your devices.
Please read the Privacy Policy carefully and make sure you fully understand our practices with respect to your information before using our Services. If you have read and fully understand this policy and do not agree with our practices, you must stop using our digital assets and services. By using our Services, you accept the terms of this Privacy Policy. Your continued use of the Services constitutes your acceptance of this Privacy Policy and any changes to it.
​
This Privacy Policy tells you:
-
How we collect data
-
What data we collect
-
Why we collect this data
-
Who we share the data with
-
Where the data is stored
-
How long the data is retained
-
How we protect the data
-
How we deal with minors
-
Updates or changes to the privacy policy
What data do we collect?
Category: Always
Below is an overview of the data we may collect:
-
Non-identified and non-identifiable information that you provide during the registration process or that is collected through the use of our services ("Non-Personal Data"). Non-personal data does not allow any conclusions to be drawn about who it was collected from. Non-personal data that we collect consists mainly of technical and summarised usage information.
-
Individually identifiable information, i.e. any information by which you can be identified or could reasonably be identified ("personal data"). The Personal Data we collect through our Services may include information that is requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses and more. If we combine personal data with non-personal data, we will treat it as personal data for as long as it is combined.
How do we collect data?
Category: Always
Below are the main methods we use to collect data:
-
We collect data when you use our services. So when you visit our digital assets and use services, we may collect, record and store usage, sessions and related information.
-
We collect data that you provide to us yourself, for example when you contact us directly via a communication channel (e.g. an email with a comment or feedback).
-
We may collect data from third party sources as described below.
-
We collect data that you provide to us when you log in to our services via a third-party provider such as Facebook or Google.
​
Why do we collect this data?
Category: Always
We may use your data for the following purposes:
-
to provide and operate our Services;
-
to develop, customise and improve our Services;
-
to respond to your feedback, enquiries and requests and provide assistance
-
to analyse request and usage patterns;
-
for other internal, statistical and research purposes;
-
to improve our data security and fraud prevention capabilities
-
to investigate violations and enforce our terms and policies and to comply with applicable law, regulation or governmental request;
-
to provide you with updates, news, promotional materials and other information related to our Services. For promotional emails, you can decide for yourself whether you wish to continue receiving them. If not, simply click on the unsubscribe link in these emails.
​
To whom do we share this data?
Category: Always
We may disclose your information to our service providers in order to operate our Services (e.g., storing data via third party hosting services, providing technical support, etc.).
We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent or take action regarding illegal activities or other wrongdoing; (ii) to establish or exercise our rights of defence; (iii) to protect our rights, property or personal safety, or the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliates (by way of merger, acquisition or purchase of (substantially all) assets, etc.); (v) in the event of a change of control of us or any of our affiliates (by way of a merger, acquisition or purchase of (substantially all) assets, etc.); (vi) in the event of a change of control of us or any of our affiliates (by way of a merger, acquisition or purchase of (substantially all) assets, etc.); (vi) in the event of a change of control of us or any of our affiliates (by way of a merger, acquisition or purchase of etc.); (v) to collect, hold and/or manage your information using authorised third party service providers (e.g. cloud service providers) where appropriate for business purposes; (vi) to work with third parties to improve your user experience. For the avoidance of doubt, please note that we may transfer, disclose or otherwise use non-personal data to third parties at our discretion.
Category: User has a blog or forum
Please note that our services enable social interactions (e.g. posting content, information and comments publicly and chatting with other users). Please note that any content or data you provide in these areas may be read, collected and used by others. We advise against posting or sharing information that you do not wish to make public. If you upload content to our digital assets or otherwise make it available as part of your use of a service, you do so at your own risk. We cannot control the actions of other users or members of the public with access to your data or content. You acknowledge and confirm that copies of your data may remain accessible even after they have been deleted from cached and archived pages or after a copy/storage of your content has been made by a third party.
Cookies and similar technologies.
When you visit or access our Services, we authorise third parties to use web beacons, cookies, pixel tags, scripts and other technologies and analytics services ("Tracking Technologies"). These Tracking Technologies may enable third parties to automatically collect your data in order to improve the browsing experience on our digital assets, optimise their performance and ensure a tailored user experience, as well as for security and fraud prevention purposes.
To find out more, please read our Cookie Policy.
Category: The user is NOT connected to an advertising service
We will not share your email address or other personal data with advertising companies or advertising networks without your consent.
​
Category: The user is connected to an advertising service, a campaign manager or Facebook Ads
We may serve advertising through our Services and our digital assets (including websites and applications that use our Services) that may also be tailored to you, such as ads based on your recent browsing behaviour on websites, devices or browsers.
​
To deliver these adverts to you, we may use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or HTML5 Local Storage and/or other technologies. We may also use third parties, such as network advertisers (i.e., third parties that serve ads based on your website visits), to serve targeted ads. Third-party ad network providers, advertisers, sponsors and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or Flash cookies and/or other technologies to measure the effectiveness of their ads and customise advertising content for you. These third-party cookies and other technologies are governed by the specific privacy policy of the third party and not this one.
Where do we store the data?
Category: Always
Non-personal data
​
Please note that our companies and our trusted partners and service providers are located around the world. For the purposes set out in this Privacy Policy, we store and process all non-personal data that we collect in different jurisdictions.
Category: User collected personal data
Personal data
Personal Data may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel and, to the extent necessary for the proper provision of our Services and/or required by law (as further explained below), in other jurisdictions.
How long will the data be retained?
Category: Always
Please note that we will retain the information we collect for as long as necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes and enforce our agreements.
We may correct, amend or delete inaccurate or incomplete data at any time at our discretion.
How do we protect the data?
Category: Always
The hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data may be stored via our hosting provider's data storage, databases and general applications. It stores your data on secure servers behind a firewall and provides secure HTTPS access to most areas of its services.
Category: User accepted payments/eCom
All payment options offered by us and our hosting provider for our digital assets comply with the PCI-DSS (Payment Card Industry Data Security Standard) regulations of the PCI Security Standards Council. This is a collaboration between brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help to ensure the secure handling of credit card data (including physical, electronic and procedural measures) by our shop and service providers.
​
Category: Always
Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection and security of the data you upload, post or otherwise transmit to us or others.
For this reason, we encourage you to set strong passwords and, whenever possible, not to provide us or others with confidential information that you believe could cause you significant or lasting harm if disclosed. As email and instant messaging are not considered secure forms of communication, we also ask that you do not share confidential information via either of these communication channels.
How do we deal with minors?
Category: Users DO NOT collect data from minors
The Services are not intended for users who have not yet reached the legal age of majority. We will not knowingly collect data from children. If you are under the age of majority, you should not download or use the Services or provide us with any information.
We reserve the right to ask for proof of age at any time so that we can check whether minors are using our services. In the event that we become aware that a minor is using our Services, we may prohibit and block such users from accessing our Services and we may delete any data we hold about that user. If you have reason to believe that a minor has disclosed data to us, please contact us as explained below.
Category: Users collecting data from minors
Children can use our services. However, if they wish to access certain features, they may be required to provide certain information. The collection of some data (including data collected via cookies, web beacons and other similar technologies) may be automatic. If we knowingly collect, use or disclose information collected from a child, we will provide notice and obtain parental consent in accordance with applicable law. We will not condition a child's participation in an online activity on the child providing more contact information than is reasonably necessary to participate in that activity. We will only use the information we collect in connection with the services that the child has requested.
​
We may also use a parent's contact information to communicate about the child's activities on the Services. Parents may review information we have collected from their child, prohibit us from collecting further information from their child, and request that any information we have collected be deleted from our records.
Please contact us to view, update or delete your child's data. To protect your child, we may ask you to provide proof of your identity. We may deny you access to the data if we believe that your identity is questionable. Please note that certain data cannot be deleted due to other legal obligations.
Category: Always
We will only use your personal data for the purposes set out in the Privacy Policy and only if we are satisfied that:
-
the use of your personal data is necessary to fulfil or conclude a contract (e.g. to provide you with the services themselves or customer service or technical support);
-
the use of your personal data is necessary to comply with relevant legal or regulatory obligations; or
-
the use of your personal data is necessary to support our legitimate business interests (provided that this is done at all times in a way that is proportionate and respects your data protection rights).
-
As an EU resident, you may:
-
Request confirmation as to whether or not personal data concerning you is being processed and request access to your stored personal data and certain additional information;
-
request to receive the personal data you have provided to us in a structured, commonly used and machine-readable format
-
request the rectification of your personal data stored by us
-
request the erasure of your personal data;
-
object to the processing of your personal data by us;
-
request the restriction of the processing of your personal data, or
-
lodge a complaint with a supervisory authority.
​
However, please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as set out below.
​
In the course of providing the Services, we may transfer data across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the Services, you consent to the transfer of your data outside the EEA.
​
If you are based in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that an adequate or equivalent level of protection of personal data exists. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place so that the risk of unlawful use, alteration, deletion, loss or theft of your personal data is minimised and that such third parties act at all times in accordance with applicable laws.
​
Rights under the California Consumer Privacy Act
If you use the Services as a California resident, you may be entitled to request access to and deletion of your information under the California Consumer Privacy Act ("CCPA").
To exercise your right to access and delete your information, please see below for how to contact us.
Category: The website does not sell data of its users
We do not sell users' personal data for the purposes of the CCPA.
Category: Websites with a blog or forum
Users of the Services who are California residents under the age of 18 may request and obtain removal of their posted content by sending an email to the address provided in the "Contact Us" section below. These requests must all be labelled "California Removal Request". All requests must include a description of the content you wish to have removed and sufficient information to allow us to locate the material. We will not accept notices that are not labelled or properly submitted, and we may not be able to respond if you do not provide sufficient information. Please note that your request does not ensure that the material will be completely or comprehensively deleted. For example, material you have posted may be republished or re-posted by other users or third parties.
Updates or changes to the privacy policy
Category: Always
We may revise this Privacy Policy from time to time at our sole discretion, but the version posted on the Site will always be current (see the "Status" statement). We ask you to check this Privacy Policy regularly for changes. In the event of significant changes, we will publish a notice on our website. If you continue to use the services after being notified of changes on our website, this will be deemed to be your confirmation and consent to the changes to the privacy policy and your agreement to be bound by the terms of these changes.
Contact Us
Category: Always
If you have general questions about the Services or the information we collect about you and how we use it, please contact us at:
Baumgartner Trading AG
Glattalstrasse 507
8153 Rümlang
+41 44 817 17 70
​