ROMAG aquacare AG ("we" or "us") attaches immense importance to protecting your data and respecting your privacy. In this statement, we would therefore like to inform you about the collection and use of individual data relating to the personal or material circumstances of an identified or identifiable natural person ("personal data").
This data protection declaration applies to the romag.ch domain and to subdomains in the subdomain.romag.ch format.
Changes to this privacy statement apply from the date of their publication on our website. Personal data collected under a previous data protection declaration will be processed in accordance with this data protection declaration. We reserve the right to amend this data protection declaration at any time and to inform customers, partners, and users of such amendments in an appropriate manner.
1. Persons responsible and contact persons
We are at your disposal for any questions or communications concerning your personal data. You can reach us as follows:
We only process your personal data within the framework of the data processing principles and where there is a legal basis. If this is necessary for the purposes of initiating and fulfilling a contract, this legal basis applies. We also have an interest in continually improving our services and adapting them to your needs. This is necessary to develop our services, for statistical purposes and to ensure the security of our services. We assume that our interests are paramount.
When you visit a website, we also collect the following necessary data:
All data that you explicitly indicate as part of a request in the contact form or in an e-mail (name, address, age, gender, contact details, texts, photos, images, etc.).
IP address and reference URL (the page visited previously);
Version and type of browser used;
Date & time of visit or request;
2.1 Types of data processed
basic data (e.g. names, addresses)
contact data (e.g. e-mail, telephone numbers)
content data (e.g. texts entered, photographs, videos)
Usage data (e.g. web pages visited, interest in content, access time)
Metadata / communication data (e.g. device information, IP addresses)
On our website, we do not engage in profiling in the sense of automated processing of personal data consisting of using this data to evaluate certain personal aspects of you (e.g. for analyses or forecasts concerning job performance, economic situation, etc.). We do not collect or process sensitive personal data (e.g. on religious, political, or philosophical opinions, state of health, etc.) except in exceptional cases and then only to the extent necessary to meet contractual or legal obligations.
2.2 Purpose of processing
Provision of the online offer, its functions and content.
Responding to contact requests and communicating with users.
Reach measurement / marketing
2.3 Information on data protection in the application process
We only process candidates' data for the purposes and within the framework of the application procedure, in accordance with the legal provisions.
The application procedure requires applicants to provide us with their application data. The necessary application data is indicated as far as we offer an online form, otherwise it is derived from the job descriptions and in principle includes personal data, postal and contact addresses and documents forming part of the application, such as covering letter, CV and diplomas. Candidates may also voluntarily provide us with additional information.
By sending us their application, candidates agree to their data being processed for the purposes of the application procedure in accordance with the nature and scope described in this data protection declaration.
As far as they are made available, candidates may send us their applications using an online form on our website. Data is transmitted to us in encrypted form in accordance with the state of the art.
Candidates may also send us their application by e-mail. Please note, however, that e-mails are not encrypted and that candidates must ensure that they are encrypted themselves. We cannot therefore take responsibility for the transmission of the application between the sender and receipt on our server, and we therefore recommend that you use an online form or send it by post. Instead of applying via the online form and e-mail, candidates always have the option of sending us their application by post.
In the event of a successful application, the data provided by candidates may be processed by us for the purposes of the employment relationship. Otherwise, if the application is unsuccessful, the applicant's data will be deleted. Candidate data is also deleted if an application is withdrawn, which candidates are entitled to do at any time.
Deletion will take place, subject to justified revocation by candidates, after a period of six months, so that we can respond to any follow-up questions regarding the application and meet our obligations of proof under the Equal Treatment Act. Invoices relating to any reimbursement of travel expenses will be archived in accordance with the provisions of tax law.
2.4 Making contact
When the user contacts us (e.g. via a contact form, e-mail, telephone, or social media), the user's data is processed legitimately in order to process the contact request and its execution. The processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject.
The information provided by users may be recorded in a customer relationship management system ("CRM system") or comparable request organisation.
We delete requests if they are no longer necessary. We review the necessity every two years; in addition, legal archiving obligations apply.
3. Forwarding to third parties
Your data will not be passed on to third parties without your express consent. Exceptions to this rule are our service partners whom we require for the performance of the contractual relationship (e.g. financial institutions for payment processing, post, courier, or transport companies for sending materials, cloud services for providing and guaranteeing the digital infrastructure, etc.). In these cases, we comply with the provisions of the applicable data protection laws. The extent of data transfer is kept to a minimum.
The use of service partners in countries other than Switzerland or the member states of the European Economic Area is only relevant for us if the country in question either has an equivalent level of data protection according to the Federal Council's list of countries, or if we can contractually guarantee the equivalent level of protection (e.g. through contracts or the conclusion of so-called standard contractual clauses).
4. Company pages on social media
4.1 Media used
We operate a company page or profile on the following social media where we post information and interact with other platform users:
LinkedIn: the operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
YouTube: The operator is Google Ireland Limited, Google Building Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland.
Xing: the operator is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.
4.2 Data processing on company pages
We process personal data in accordance with the principles of this data protection declaration. Corresponding processing of personal data may take place when you interact with us via our company pages on the relevant social media.
When a company page is visited, the operator of the platform in question collects information that enables it to recognise users and analyse their behaviour globally. Based on the data collected in this way, the platform operator may also create user profiles. If, when visiting a company page, you are logged in to your corresponding user account, the respective provider may also allocate this visit to your account. The respective provider will only provide us with an anonymous statistical evaluation of the use of our company pages using the information obtained.
In principle, you can assert your data protection rights regarding the processing of data by our company pages both against us and against the respective platform operator. However, we would like to point out that you can assert these rights most effectively with the respective platform operator, as only they have access to user data and can take appropriate action and provide information directly.
Further information on data processing, including the place of processing, by the respective operator can be found at:
Communication for advertising purposes: Where permitted by the legal basis of data protection (use of a paid service or corresponding consent), we use your contact data to inform you of similar offers by e-mail, as well as for marketing and optimisation purposes, which enable us to offer you better services and customer care, for statistical purposes and to further optimise our offers (newsletter).
You may refuse to receive the newsletter at any time. You can do this by sending an e-mail to email@example.com or by clicking on the link at the end of the newsletter.
We use established tools from recognised suppliers to send out our newsletters. Compliance with legal data protection requirements is ensured by order processing contracts.
Communication for information and other purposes: We send you communications that are necessary or required for all customers, notifications containing valuable information and other communications that you request from us. You cannot unsubscribe from these communications. However, you may, where appropriate, personalise the media and format in which you receive notifications.
6. Transmission of personal data
Unless explicitly agreed otherwise, electronic communication will be by unencrypted e-mail. The use of e-mails is not technically secure; it may happen that e-mails are not delivered. When e-mails are transmitted, they may cross national borders, even if the sender and recipient are in the same country. The confidentiality of e-mails cannot be guaranteed if there is no encryption or if encryption is inadequate.
Even when using the forms available on our website, only the transmission of your message from your computer to the web server is encrypted.
By using the forms or sending an e-mail, you accept communication by e-mail with full knowledge of the risks described. The use of encrypted or otherwise secure communication channels must be agreed in advance with us.
7. Storage of your personal data
7.1 Server location
Our website is hosted by DV Bern AG.
Your personal data collected during activities on the website are hosted on DV Bern AG servers in Switzerland. The servers are protected as far as possible against unauthorised access by third parties. Back-ups are conducted regularly to prevent the loss of data as far as possible.
As far as your personal data is collected directly, it is stored on our own servers and on the virtual servers of a reputable cloud computing provider based in Switzerland or the European Economic Area. The servers are protected as far as possible against unauthorised foreign access. Regular back-ups are made to prevent data loss as far as possible.
7.2 Retention period
We only keep your data for as long as is legally necessary or in accordance with the purpose of the processing. In the case of analysis, we retain your data for as long as the analysis is complete. If we store data on the basis of a contractual relationship with you, this data will be stored for at least as long as the contractual relationship exists and at the latest as long as the limitation periods for any claims against us have expired or as long as there are legal or contractual storage obligations. As a rule, the retention period will not exceed 10 years (from the end of the contractual or de facto relationship with you).
8. Your rights
In principle, you have the right of access, rectification, deletion, limitation, transfer, revocation, and opposition and, where appropriate, the right to appeal.
8. 1 Information, rectification, transfer
You have the right to obtain information about your stored data free of charge at any time, as well as the right to rectify it. Please contact us for this purpose. You will find our contact details in point 1 of this data protection declaration.
You also have the right to request the free transfer of your personal data available in electronic form to another controller. Please note, however, that we cannot adapt your data to any special format requirements of another controller and that we cannot transfer your business history or passwords under any circumstances.
8. 2 Revocation and erasure
You may at any time revoke the authorisations you have granted us under data protection law for the processing of your data and request the deletion of your personal data. Please contact us for this purpose. You will find our contact details in point 1 of this data protection declaration.
If you request deletion, we will block your profile and block it. Please note, however, that we are required, for example under commercial and tax law, to keep accounting records for at least 10 fiscal years. Therefore, we cannot delete or process the personal data contained in these credentials. Your request for revocation or deletion therefore only applies to future processing and only to personal data that we do not process based on a legal justification, but exclusively based on your consent.
If a contractual relationship is still in progress at the time of receipt of your revocation and request for deletion, your personal data will continue to be processed until the contract has been fully executed. Your revocation in terms of data protection expressly does not affect the performance of the existing contractual relationship and does not constitute an exceptional reason for termination.
8. 3 Recourse to a supervisory authority
With the entry into force of the revised HPA on 1 September 2023, you have a right of appeal to the competent supervisory authority at the head office of the controller if you believe that we have breached a provision of the HPA.
The Federal Data Protection and Transparency Commissioner (www. edoeb. admin. ch) is responsible for complaints from data subjects.
Cookies are small text files or pieces of information that are stored on your computer or mobile device (such as a smartphone or tablet) when you use our services. A cookie usually contains the name of the website/application from which it comes, the duration of the cookie (this means how long the cookie will remain on your device), and a value that is usually a randomly generated unique number.
The maximum storage period of cookies after their initial placement on the user's terminal is that required by applicable law.
9. 1 Types of cookies
The types of cookies we use are session cookies, resident cookies, first-party cookies, and third-party cookies.
Resident Cookies are used to store your login information and remember your preferences for future connections to our services. A resident cookie is a cookie that is stored as a file on your computer and remains there when you close your web browser. The cookie can be read by the services that created it when you visit those services again.
Session ID-Cookies are used to enable certain features on our Services, to better understand how you interact with our Services, and to monitor aggregate user data and web traffic routing. Unlike resident cookies, session cookies are deleted from your computer when you close your browser. Typically, session ID cookies store an anonymous session ID on your computer, which allows you to use a service without having to log in every click.
First Party-Cookies are our own cookies, which we use to enhance your user experience. They are linked to a user's personal information. Third parties do not have access to the information we collect through our own cookies.
Third Party-Cookies are cookies placed on our services by third parties to provide services, including advertising cookies. Third-party companies place third-party cookies on your device on our behalf when you visit our services, to enable those third-party companies to perform the services they provide. In addition to what is stated in this privacy statement, you will find more information about these third-party cookies in the privacy policies of these third-party companies.
Below you will find a list of the diverse types of cookies we use in our services.
9. 2 Essential Cookies
Essential cookies are cookies that are strictly necessary for the functioning of our services and the use of their functions. Without these strictly necessary cookies, our services would not work as well as you would like, and we may not be able to provide the website or certain services or features you request.
We also use technical cookies that allow our services to remember choices you have made (such as your username, language, or the region you are in) for customization and personalization purposes. These cookies do not collect information about you for advertising purposes and do not remember which web pages you have visited.
We place the following First Party cookies (all resident cookies):
Device Identifier-Cookie: We place cookies on your computer that recognize you and indicate to the website or service that you are logged in.
User Local Cookie: We install cookies that are used to remember certain local choices you have made, such as your choice of language.
These cookies are necessary for the functioning of our services, and you cannot object to their use.
9. 3 Functional cookies
Functional cookies are cookies that enable the use of certain functions in our services, which may be useful to you, but which are not necessary for our services to work and to use their functions. You can refuse the installation of these cookies by configuring your browser accordingly. However, this may prevent you from using certain functions of our services or limit them.
Google Maps (Session Third Party Cookies)
We use Google Maps to display interactive maps and to create route descriptions. Google Maps is a mapping service from Google.
When you use Google Maps, information about your use of this website, including your IP address and the address (from which you came) entered as part of the route planning function, may be transmitted to Google in the USA.
When you visit a web page on our website that contains Google Maps, your browser establishes a direct connection with Google's servers. The map content is transmitted directly by Google to your browser, which integrates it into the web page. We therefore have no influence on the extent of the data collected by Google in this way. To the best of our knowledge, this includes at least the following data:
the date and time of the visit to the website concerned,
Internet address or URL of the website consulted,
the IP address,
(departure) address entered as part of route planning.
We have no influence on the further processing and use of the data by Google and therefore cannot be held responsible for this.
For information on the purpose and scope of data collection, the further processing and use of the data by Google, as well as your rights in this regard and the setting options to protect your privacy, please consult Google's data protection information: https://policies. google. com/privacy?hl=de.
By using our website, you consent to the processing of the data collected about you by Google Maps in the manner and for the purpose described above.
The purpose of reCAPTCHA is to check whether data entry on our websites (e. g. in a contact form) is conducted by a human being or by an automated program. In this way, we limit, among other things, abusive requests to websites by automated tools and spam. To do this, reCAPTCHA analyses the behaviour of the website visitor using different characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e. g. the IP address, the time spent by the site visitor on the site, or the mouse movements made by the user). The data collected during the analysis is transmitted to Google.
The reCAPTCHA analyses are performed entirely in the background. Visitors to the website are not informed that an analysis is underway. By blocking reCAPTCHA, you may no longer be able to fully use the services of our website, especially about forms.
9. 4 Analytical cookies and marketing, profiling, and retargeting cookies
Control of Google tools via Tag Manager
The Google Tag Manager is used on our website. The Google Tag Manager is a cookie-free domain that does not collect any personal data. The Google Tag Manager triggers other tags, which in turn may collect data. We draw your attention to this point. The Google Tag Manager does not access this data. If a deactivation has been conducted by the user at domain or cookie level, it remains valid for all tracking tags implemented with Google Tag Manager.
Google Analytics (third-party resident cookies)
The Google Analytics service is used to analyse the usage behaviour of our website. Our legitimate interest lies in the analysis, optimisation, and economic exploitation of our Internet presence.
The usage and user information that is collected includes, for example, the IP address, the location, time, or frequency of your visit to our website. For the use of Google tools, we have used IP anonymization. With this addition, the last digits of your IP address are shortened before being permanently stored on Google's servers. As a result, Google's technical and analytical services can still be used in a reasonable way, but you are no longer fully traceable and therefore enjoy a higher degree of anonymity regarding your browsing behaviour than without IP anonymization.
We also use the remarketing function within the scope of use of Google Analytics. This allows us to offer you personalized advertising in appropriate advertising spaces on other websites, based on the interests you have shown on our website. This possibility is limited to a maximum of 18 months. Retargeting allows us to deliver ads that are as relevant to you as possible and to measure the effectiveness and reach of advertising media, as well as to check our advertising partners' counts for the campaigns broadcast.
The data collected in this way is in turn used by Google to provide us with an evaluation of the visit to our website and the usage activities that take place there. This data may also be used to provide other services related to the use of our website and the use of the Internet.
Google states that it does not associate your IP address with any other data. In addition, Google provides you with further information on data protection at https://www. google. com/intl/de/policies/privacy/partners, e. g. on the possibilities to prevent the use of data.
Alternatively, future analysis of your visit to the site by Google Analytics can be deactivated by clicking on the link below. When you click on the link, an "opt-out" cookie is installed, which will prevent analysis of your visit to our site in the future:
Please note that if you delete cookies in your browser settings, the opt-out cookie will also be deleted and may need to be reactivated by you.
Google will not associate your IP address with other data stored by Google under any circumstances. You can prevent the installation of cookies. To do so, you must select "do not accept cookies" in your browser settings. Please note that in this case you may not be able to use all the functions of these web pages to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
For our website, we use the web analytics service Hotjar from Hotjar Ltd ("Hotjar"). Hotjar is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta). This tool allows you to track the movements on our website (called heatmaps). This makes it possible to see how far users scroll through the page and which buttons they click and how often. This tool also collects feedback from users of the website. In this way, we gain valuable information to make our website even faster and more user-friendly.
When using this tool, we pay particular attention to the protection of your personal data. In this way, we can only understand which buttons have been clicked, how far the mouse has been scrolled, the size of the screen of the device, the type of device and browser information, the location (country only) and the preferred language for displaying our website.
Hotjar offers each user the option to prevent the use of the tool by means of a "Do Not Track-Header", so that no data relating to the visit to the respective website is recorded. Detailed instructions with information about your browser can be found at https://www.hotjar.com/opt-out..
Version of the Data Protection Statement: October 2023