You are visiting jeff.agency, a service from the Swiss JEFF Zürich GmbH. With this data protection declaration we inform you about the processing of personal data in connection with our service.
Our service is subject to the Swiss data protection law as well as any applicable foreign data protection law such as that of the European Union (EU) with the General Data Protection Regulation (GDPR). The EU recognises that the Swiss data protection law guarantees adequate data protection.
We may change our privacy policy at any time. We will inform you about such changes in a suitable form on our website. To be noted, supplementary or further data protection declarations may exist for individual and additional offers and services.
1. Processing of personal data
1.1 Personal data is all information relating to a specific or identifiable person. A data subject is a person whose personal data are processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, alteration, destruction and use of personal data.
1.2 We process the personal data necessary to provide our services effectively and in a user-friendly manner as well as permanently, securely and reliably.
1.3 We process personal data only with the consent of the data subject, unless the processing is permitted for other reasons, for example to fulfil a contract with the data subject and for corresponding pre-contractual measures so as to protect our overriding legitimate interests because the processing is given due to the circumstances, or after prior information. In this context we process in particular information which a person concerned sends to us when making contact - for example by letter post, e-mail, contact form, telephone or social media. We may store such information in an address book, in a customer relationship management system (CRM system) or with comparable tools.
1.4 We process personal data for the duration necessary for the purpose or purposes in question. In the case of longer-term storage obligations due to legal and other obligations to which we are subject, we restrict the processing accordingly.
1.5 We may have personal data processed by third parties - potentially located abroad. Such data processors process personal data on our behalf. We may further process personal data with the help of third parties –potentially located abroad. In each case, we ensure that such third parties guarantee adequate data protection.
1.6 We are present on social media platforms and other online platforms in order to be able to communicate with customers and interested persons and inform them about our services. The General Terms and Conditions (GTC), privacy policies and other provisions of the individual operators apply in each case.
2. Legal basis for the processing of personal data
2.1 We process personal data in accordance with the Swiss data protection law, and in particular the Federal Act on Data Protection (FADP).
2.2 To the extent that the GDPR is applicable, we process personal data in accordance with the following legal principles:
- Article 6 (1)(b) GDPR for the necessary processing of personal data for the fulfilment of a contract with the person affected as well as for the implementation of pre-contractual measures.
- Article 6 (1)(f) GDPR for the necessary processing of personal data in order to safeguard the legitimate interests of us or third parties, unless the fundamental freedoms and rights and interests of the data subject prevail. Legitimate interests are our economic interest in being able to provide and advertise the service, information security and protection against misuse and unauthorised use, the enforcement of our own legal claims and compliance with Swiss law.
- Article 6 (1)(c) GDPR for the necessary processing of personal data to fulfil a legal obligation to which we are subject under any applicable EU law or under any applicable law of a country in which the DSGVO is applicable in whole or in part.
- Article 6 (1)(a) GDPR for the processing of personal data with the consent of the data subject.
- Article 6 (1)(d) GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.
3. Technical and organisational measures
3.1 We take adequate and appropriate technical and organisational measures to ensure data protection and security.
3.2 Access to our service is via transport encryption (SSL / TLS).
3.3 Despite appropriate organisational and technical measures, the processing of personal data on the Internet can always be subject to security gaps. Therefore, we cannot guarantee absolute data security.
3.4 Access to our service is subject - as in principle any Internet use - to mass surveillance without cause or suspicion as well as other surveillance by security authorities in Switzerland, the EU, the United States of America (USA) and other countries. We cannot directly influence the processing of personal data by secret services, police and other security agencies.
4. Cookies, log files and tracking pixels
4.1 For each visit to our website, we collect the following data, if transmitted from your browser to our server infrastructure, and store this data in log files:
- Date and time including time zone
- Internet Protocol (IP) address
- Access status (HTTP status code)
- Operating system including user interface and version
- Browser including language and version
- Unique visited page and the amount of data transferred
- last visited website (referrer)
Such data may represent personal data. The data is necessary in order to provide our services permanently, securely and reliably and to ensure data security and thus in particular the protection of personal data - also by third parties or with the help of third parties. We use the free open source software AWStats to evaluate such data without personal reference.
4.2 We use cookies on our website. Cookies - also from third parties whose services we use (third party cookies) - are text files that are stored in your browser. Cookies can be stored in your browser when you visit our website. In particular, cookies enable your browser to be recognised the next time you visit our website. Cookies cannot execute programs or transmit malware such as Trojan horses and viruses. Cookies are necessary in order to provide our services, including our website, in an effective and user-friendly manner as well as permanently, safely and reliably, in particular by analysing the use with regard to troubleshooting and improvements.
You can deactivate or delete cookies in your browser settings at any time, in whole or in part. Without cookies, our services may no longer be fully available. If and to the extent necessary, we will inform you directly about the use of cookies or ask you directly for your consent to cookies.
4.3 We use tracking pixels on our website. Tracking pixels - also from third parties whose services we use - are small images that are called up when you visit our website. Counting pixels can be used to collect the same data that is transferred from your browser to our server infrastructure. Tracking pixels are required to provide our services, including our website, in an effective and user-friendly manner and in a durable, secure and reliable manner, by analysing usage for troubleshooting and improvement.
5. Third party services
5.1 We use services provided by third parties - also abroad including the United States of America (USA) - in order to provide our services effectively and in a user-friendly manner as well as permanently, securely and reliably. Such services, including but not limited to hosting, storage and payment services, require your Internet Protocol (IP) address in order for the content to be delivered or made available. Such services may also process other data - including cookies, log files, and counting pixels - in connection with our services and in connection with information from other sources for their own statistical and technical purposes.
5.2 We use Google AdWords to target advertising for our products and services and in particular to display it on other websites, specifically to persons interested in our products and services, including our website, or who use our products and services, including our website, for which we provide Google with relevant information, including personal data (remarketing). Cookies are also used for this purpose. Google uses various domain names - including doublelick.net, googleadservices.com and googlesyndication.com - for Google AdWords. We also use the Google Tag Manager to embed and manage Google AdWords and other Google and third-party services on our website. Google processes the transmitted data and other data in this context pseudonymously, i.e. from Google's point of view pseudonymous profiles and not profiles of actually identified persons are administered, unless the corresponding person has expressly permitted Google to carry out the processing without pseudonymisation.
You can object to the interest-related advertising by Google by using the corresponding setting options of Google.
Google AdWords is a service of the American Google LLC. Google is subject to both the EU American Privacy Shield and the Swiss-American Privacy Shield, under which Google commits itself to guarantee adequate data protection. In particular, Google has published the following information on the type, scope and purpose of data processing in connection with Google AdWords: privacy and personalized ads, privacy policy and terms of service, entry in the privacy shield list.
5.3 We use Google Analytics to analyse the use of our services, whereby we have the recorded IP addresses anonymised before the analysis. Google Analytics also uses cookies.
Google Analytics is a service of American Google LLC. We require this service in order to provide our services, including our website, in an effective, user-friendly, durable, secure and reliable manner, in particular by analysing usage, including measuring success and reach, for troubleshooting and improvement. We can also determine whether our advertising on the Internet is successful and thus leads to appropriate visits to our website (conversion tracking). Cookies are also used for this purpose. You can object to the statistical recording by Google Analytics with an "opt-out" cookie or with the "browser add-on for deactivating Google Analytics".
Google is subject to both the EU American Privacy Shield and the Swiss-American Privacy Shield, whereby Google undertakes to guarantee adequate data protection. In particular, Google has published the following information on the type, scope and purpose of data processing in connection with Google Analytics: Google Analytics Terms and Conditions, Privacy Policy and Terms of Use, Entry in the Privacy Shield list.
5.4 We use Vimeo to embed videos into our website. In the case of visitors to our website who are registered with Vimeo, Vimeo can assign the content played to these visitors. Vimeo may also use cookies.
Vimeo is a service provided by American Vimeo Inc. Vimeo claims to be subject to both the EU Privacy Shield and the Swiss-American Privacy Shield, which means that Vimeo is committed to ensuring adequate data protection. In particular, Vimeo has published the following information on the type, scope and purpose of data processing in connection with Vimeo: privacy policy, information on the cross-border disclosure of data.
5.5 We use YouTube to embed videos on our website. For visitors to our website who are registered with YouTube, YouTube may associate the content played with those visitors. YouTube may also use cookies.
YouTube is a service of American Google LLC. Google is subject to both the EU American Privacy Shield and the Swiss-American Privacy Shield, whereby Google undertakes to guarantee adequate data protection. In particular, Google has published the following information on the type, scope and purpose of data processing in connection with YouTube: data protection for Google products including YouTube, Privacy Policy and Terms of Use, Entry in the Privacy Shield list.
6. Rights of data subjects
6.1 Data subjects whose personal data we process have rights according to Swiss data protection law. This includes the right to information as well as the right to correction, deletion or blocking of the processed personal data.
6.2 Data subjects whose personal data we process, insofar as and to the extent that the GDPR is applicable, may obtain confirmation free of charge as to whether we process their personal data and, if so, request information on the processing of their personal data, restrict the processing of their personal data, exercise their right to data transferability and correct, delete ("right to be forgotten") or block their personal data.
6.3 Data subjects whose personal data we process, insofar as and to the extent that the GDPR is applicable, may revoke their consent at any time and object to the processing of their personal data at any time.
6.4 Data subjects whose personal data we process have the right to appeal to a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
7. Contact addresses
7.1 Inquiries from regulatory authorities and persons concerned shall reach us by e-mail, but can also be sent by post:
JEFF Zürich GmbH
Grubenstrasse 15
8045 Zürich
Switzerland
7.2 We have a GDPR representative in the EU as a point of contact for regulatory authorities and persons affected with all questions relating to EU data protection law:
JEFF Berlin GmbH
Glogauer Straße 19a
10999 Berlin
Germany