Privacy Policy.

The responsible body within the meaning of the data protection laws is:
Art on Ice Production AG, Rotfluhstrasse 91, 8702 Zollikon

 

1. Introduction

In this data protection declaration, we, Art on Ice Production AG, Rotfluhstrasse 91, 8702 Zollikon (hereinafter referred to as we or us), explain how we collect and process personal data. We provide services relating to the preparation of tax returns for you.

The aim of this information is

– to provide you with comprehensive information about the processing of your personal data by us;

– to explain your rights in connection with the processing of your personal data; and

– to provide you with the contact details of the office responsible for processing your personal data and of the internal data protection officer.

Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security. We are committed to handling your personal data responsibly. It goes without saying that we comply with the provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (FADP), the Telecommunications Act (TCA), the European General Data Protection Regulation (EU) 2016/679 (GDPR) and, where applicable, other provisions under data protection law.

So that you know what personal data we collect from you and for what purposes we use it, please take note of the information below.

2 What personal data do we process and for what purpose?

 

Depending on your activity, we process the following personal data:

 

2.1 Collection of general information when visiting our website

 

When you access our website, information of a general nature is automatically collected. This information (server log files) includes the type of web browser, the operating system used, the domain name of your internet service provider and similar. This is exclusively information that does not allow any conclusions to be drawn about your person. This information is technically necessary in order to correctly deliver the contents of web pages requested by you and is compulsory when using the Internet. Anonymous information of this kind is statistically evaluated by us in order to optimise our Internet presence and the technology behind it.

The collection and processing of this data is carried out for the purpose of enabling the use of our websites (connection establishment), to ensure system security and stability on a permanent basis, to enable the optimisation of our internet presence as well as for internal statistical purposes.

Only in the event of an attack on the network infrastructure or a suspicion of other unauthorised or abusive website use will the IP address be evaluated for the purpose of clarification and defence and, if necessary, used in the context of criminal proceedings to identify and take civil or criminal action against the users concerned.

The legal basis is our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO in providing a stable and functional website.

2.2. Cookies

 

Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. Through this, we automatically receive certain data such as IP address, browser used, operating system about your computer and your connection to the internet.

Cookies cannot be used to run programs or deliver viruses to a computer. The information contained in cookies enables us to facilitate your navigation and to display our web pages correctly.

Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent.

Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. You can deactivate the use of cookies at any time via your browser settings. Please use the help functions of your internet browser to find out how to change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f -DSGVO in providing a user-friendly and up-to-date website and, depending on the cookie in question, your consent pursuant to Art. 6 para. 1 lit. a DSGVO. This consent can be revoked at any time.

2.3 Order form on our website

 

When using the order form for VIP packages, some personal data is collected, such as name, address, contact and communication data such as telephone number and e-mail address. The data is stored in our system and is used for invoicing when purchasing from our range.

Of course, we will also provide you with information about the personal data we have stored about you at any time. We will also be happy to correct or delete this data at your request, provided that there are no legal obligations to retain it. To contact us in this context, please use the contact details provided at the end of this privacy policy.

The legal basis is the necessity for the fulfilment of the contract within the meaning of Art. 6 para. 1 lit. b EU-DSGVO.

 

2.4 Provision of chargeable services

 

For the provision of chargeable services, we will request additional data, such as payment details. An order for a VIP package via the order form is binding. The personal data will be added to our customer base after payment. For VIP packages, either invoices will be issued or you will make your payment via our partner Ticketcorner.

The legal basis is the necessity for the fulfilment of the contract within the meaning of Art. 6 para. 1 lit. b EU-DSGVO.

 

2.5 Purchase of a ticket

 

If you make a purchase via our website, the integration of the ticket portal by the company Ticketcorner via an affiliate link is necessary. Payment is made via an integrated Ticketcorner page. We have no influence on the data processing by Ticketcorner.

You can find more information on Ticketcorner’s data protection under this link.

If you have purchased a ticket, we receive your personal data from Ticketcorner. We then use this data to inform you about our events via newsletter.

The legal basis for this processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO for the performance of marketing activities.

2.6 Newsletter

 

When registering to receive our newsletter (MailChimp, Intuit Inc. Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA), the data you provide will be used exclusively for this purpose. Subscribers may also be notified by email of circumstances relevant to the service or registration (for example, changes to the newsletter offering or technical circumstances).

For effective registration, we require a valid e-mail address, your surname and first name. We use double opt-in for registration. This means that you will receive an e-mail after registering via our website, which you must confirm with a click. Only then is the registration completed and you will receive our newsletters in the future. The data will only be used for sending newsletters about our events at Carré Event AG such as Art on Ice, Blues’n’Jazz and others. They will not be passed on to third parties.

You can revoke your consent to the storage of your personal data and its use for the newsletter dispatch at any time. You will find a link to this effect in every newsletter. You can also unsubscribe at any time directly on this website or inform us of your wish to do so via the contact option given at the end of this data protection notice.

 

This data processing is based on your consent within the meaning of Art. 6 para. 1 lit. a DSGVO. This consent can be revoked at any time.

 

2.7 Contact form

 

If you contact us by e-mail or contact form, the information you provide will be stored for the purpose of processing the enquiry and for possible follow-up questions. This involves personal data such as first and last name, address and e-mail.

This data processing is based on your consent within the meaning of Art. 6 Para. 1 lit. a DSGVO. This consent can be revoked at any time.

 

3. Tracking Tools and Retargeting

 

3.1 Google Analytics

 

This website uses Google Analytics, a web analytics service provided by Google, Inc (hereafter: Google). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, due to the activation of IP anonymisation on these websites, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. In addition, you can prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: Browser add-on to deactivate Google Analytics.

 

You can find more information on terms of use and data protection under this link. 

 

3.2 Google Ads Conversion-Tracking and Retargeting

 

This website uses the online advertising programme “Google Ads” and, as part of this, conversion tracking and retargeting. Google Ads sets a cookie on your computer if you have accessed our website via a Google ad. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognise that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked across Ads customers’ websites.

The information obtained with the help of the conversion cookie is used to create conversion statistics for Ads clients who have opted for conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users.

With Google Ads Retargeting, we can assign people who contact our online offer to specific target groups so that we can subsequently display interest-based advertising to them in the Gooogle advertising network.

If you do not wish to participate in the tracking process, you can easily deactivate the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics.

 

You can find out more about this via Google’s privacy policy.

 

3.3 Google TagManager

 

The Google Tag Manager is a solution with which we can manage so-called website tags via an interface and thus integrate e.g. Google Analytics and other Google marketing services into our online offer. The Tag Manager itself, which implements the tags, does not process any personal data of the users. With regard to the processing of users’ personal data, we refer to the following information on Google services.

Usage guidelines

4. Social media and third-party plugins 

 

4.1 Youtube

 

We embed YouTube videos on some of our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. This tells Youtube which pages you are visiting. If you are logged into your YouTube account, YouTube can assign your surfing behaviour to you personally. You can prevent this by logging out of your Youtube account first.

If a Youtube video is started, the provider uses cookies that collect information about user behaviour.

If you have deactivated the saving of cookies for the Google Ad programme, you will not have to expect any such cookies when watching Youtube videos. However, Youtube also stores non-personal usage information in other cookies. If you would like to prevent this, you must block the saving of cookies in the browser.

 

For further information on data protection at “Youtube”, please refer to the provider’s privacy policy.

 

4.2 Facebook

 

We integrate plug-ins from the social network Facebook (address: 1601 South California Avenue, Palo Alto, CA 94304, USA) on our websites.

If you call up one of our websites with a Facebook plug-in, a direct connection is established with Facebook. We have no influence on the type and scope of the data that is collected, stored and processed by Facebook. We can only inform you according to our level of knowledge.

Facebook is informed via the plug-in that you have accessed the corresponding website of our offer. This also applies to users who are not registered with Facebook. In this case, it is possible that Facebook stores the IP address.

If you are a member of Facebook and logged in, accessing a website with a Facebook plug-in can be clearly assigned to your user account on Facebook. In addition, the plug-ins transmit all interactions, for example when you use the Like button or leave a comment.

To prevent Facebook from storing data about you, please log out of Facebook before visiting our websites. You can also block the plug-ins with browser add-ons.

 

Information on the data protection provisions, the purpose and scope of data collection and data processing as well as the setting options for protecting your privacy at Facebook can be found here.

 

4.3 Instagram

 

Our website uses functions of the Instagram service (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA). This may include, for example, content such as images, videos or texts and buttons with which users can share content of this online offer within Instagram. If the users are members of the Instagram platform, Instagram can assign the call-up of the content and functions to the users’ profiles there. Instagram privacy policy.

 

4.4 LinkedIn

 

For our marketing services, we use the social network LinkedIn (LinkedIn of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland). This includes various content such as images, videos, texts, PDFs and events that allow users to view and share content from this online platform. This allows users to be associated via their profile.

The platform may use web tracking methods for this purpose. For more information on data protection, please see LinkedIn’s privacy policy.

 

4.5 TikTok

 

The features of TikTok are used through this website. TikTok is a social media service provided by Beijing Bytedance Technology Ltd, located at 48 Zhichun Lu Jia, Haidian Qu, Beijing, China. We use this platform for our video content, which TikTok users can view and share. TikTok’s privacy policy is defined through the European company TikTok Technology Limited and can be found at the following link.

 

4.6 Script libraries (fonts.com)

In order to display our content correctly and in a graphically appealing way across browsers, we use script libraries and font libraries such as web fonts from fonts.com on this website. Web fonts are transferred to your browser’s cache to avoid multiple loading. If the browser does not support Google web fonts or prevents access, content is displayed in a standard font.

Calling up script libraries or font libraries automatically triggers a connection to the operator of the library. In the process, it is theoretically possible that operators of corresponding libraries collect data.

The privacy policy of the library operator fonts.com can be found here.

 

5. From which sources do we collect your personal data?

 

In principle, we collect personal data directly from you (e.g. via forms, in the course of communication with us, in connection with contracts, when using the website, etc.).

Unless this is inadmissible, we also take data from publicly accessible sources (e.g. media or the Internet incl. social media) or receive data from Ticketcorner, from our other events and from other third parties active in the event sector.

 

6. Storage location

 

Your personal data is stored by us in Switzerland, EU/EEA. MailChimp stores the data in the USA.

7. Are the personal data passed on to third parties?

 

We share your personal data with the following categories of recipients:

– Service providers: We work with service providers in Switzerland and abroad who process data about you on our behalf or in joint responsibility with us or receive data about you from us in their own responsibility (e.g. IT providers, freelancers, agencies and consultants, third-party providers).

We disclose to these service providers in each case the data required for the services, which may also concern you. These service providers may also use such data for their own purposes, e.g. information on outstanding debts and your payment history in the case of credit agencies or anonymised information to improve services. We also enter into contracts with these service providers that include provisions to protect your personal data. Our service providers may also process data about how their services are used and other data arising from the use of their services as independent data controllers for their own legitimate interests (e.g. for statistical analysis or billing purposes).

 

– Authorities: We may pass on personal data to offices, courts and other authorities in Switzerland and abroad if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities then process this data on their own responsibility.

All these categories of recipients may in turn involve third parties, so that your data may also be made accessible to them. We can restrict processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities, banks, etc.).

 

8. Transmission of personal data abroad

 

If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection (for this purpose, we use the revised standard contractual clauses of the European Commission, which can be accessed here), insofar as it is not already subject to a legally recognised set of rules to ensure data protection and we cannot rely on an exemption provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.

The recipients are located outside of Switzerland in the EU/EEA and in the USA.

Please also note that data exchanged via the internet is often routed via third countries. Your data may therefore end up abroad even if the sender and recipient are in the same country.

 

9. Note on data transfers to the USA

 

Some of the third-party service providers mentioned in this privacy policy are based in the USA. For the sake of completeness, we would like to point out for users who are resident or domiciled in Switzerland that there are surveillance measures in place in the USA by US authorities which generally allow the storage of all personal data of all persons whose data has been transferred from Switzerland to the USA. This is done without any differentiation, restriction or exception based on the objective pursued and without any objective criterion that makes it possible to restrict the access of the US authorities to the data and their subsequent use to very specific, strictly limited purposes that are capable of justifying the intrusion associated with both access to and use of this data. Furthermore, we would like to point out that in the USA, there are no legal remedies available to data subjects from Switzerland that allow them to obtain access to the data concerning them and to obtain their correction or deletion, or that there is no effective judicial legal protection against general access rights of US authorities. We explicitly draw the attention of data subjects to this legal and factual situation so that they can make an appropriately informed decision to consent to the use of their data.

 

For users residing in Switzerland, we would like to point out that the USA does not have a sufficient level of data protection from the point of view of Switzerland – among other things due to the issues mentioned in this section. Insofar as we have explained in this privacy policy that recipients of data (such as Google) are based in the USA, we will ensure that your data is protected at an appropriate level with our partners through contractual arrangements with these companies as well as any additional appropriate guarantees required, which protect the rights of individuals whose personal data is transferred to a third country.

 

10. Retention period

 

We store personal data for a maximum of as long as a business relationship is maintained in order to use the tracking services mentioned above as well as further processing within the scope of our legitimate interest. We retain contractual data for longer, as this is required by statutory retention obligations. Retention obligations that oblige us to retain data result from regulations on registration law, on accounting and from tax law. According to these regulations, business communication, concluded contracts and accounting vouchers must be kept for up to 10 years. As far as we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.

 

11. Data security

We take appropriate technical and organisational security measures to protect personal data from unauthorised access and misuse. These include IT and network security solutions, access restrictions, encryption of data carriers and transmissions, instructions, training and controls.

If third parties have access to our data, special measures are taken which are regulated in the order processing contract.

To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS. This encryption means that the data you transmit to us cannot be read by third parties.

 

12. Your rights

 

You can object to data processing at any time. You also have the following rights:

– Right of access: You have the right to request access to your personal data stored by us at any time and free of charge if we are processing it. This gives you the opportunity to check what personal data we are processing about you and that we are using it in accordance with the applicable data protection regulations.

– Right to rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.

– Right to erasure: You have the right to have your personal data erased under certain circumstances. In individual cases, the right to erasure may be excluded.

– Right to restrict processing: Under certain circumstances, you have the right to have us restrict the processing of your personal data.

 

– Right to object: You have the right to object to data processing, in particular to direct marketing.

– Right to data transfer: Under certain circumstances, you have the right to receive the personal data you have provided to us free of charge in a machine-readable format.

– Right of withdrawal: In principle, you have the right to withdraw your consent at any time with effect for the future. Processing activities based on your consent in the past do not become unlawful as a result of your revocation.

– Right of complaint: You have the right to lodge a complaint with a competent supervisory authority, e.g. against the way your personal data is processed.

13. Change in data protection regulations

 

We reserve the right to amend this data protection declaration from time to time so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection statement will then apply to your next visit.

 

14. Contact addresses

 

Data Protection Officer

 

If you have any questions about data protection, please write us an e-mail or contact our data protection officer directly:

Art on Ice Production AG

Gabriela Buchs

Rotfluhstrasse 91

CH-8702 Zollikon

E-mail:gabriela.buchs(at)carre.ch

 

 

Last updated: 27 September 2023

NEWSLETTER