This document describes the personal data processing policy of Reltrend Sagl – Gothicsauna, a Swiss company based in Lugano (CH), in relation to the use by the use of the website www.gothicsauna.ch and the resources connected to it (hereinafter the “Site”).
The present document informs the user, in the sense and for the purposes of Articles 4 para. 5 of the Federal Data Protection Act (LPD) and, where applicable, of art. 14 and 14 of the European Regulation (EU) 679/2016 (GDPR), that the personal data provided or otherwise acquired as part of the Site’s activity will be processed, in compliance with the principles, set out in the aforementioned regulations.
It should be noted that the GDPR, in accordance with art. 3, applies only in the case of:
Paragraphs A and B specify the ownership of the Site, the coordinates for communications, and describe the mechanism of acceptance and revision of this document. Paragraphs C and D describe the Site’s policy regarding to the processing of users’ personal data. Finally, paragraph E regulates the material law’s application to the legal relationship between the parties and established the competent court in the event of a dispute related to this relationship.
The conditions governing the use of the Site are described in a separate document, accessible at this link. The same is understood here fully reproduced and integrated.
The Site is owned by Reltrend Sagl – Gothicsauna, Lugano (CH).
All communications must be in writing and will be considered validly and effectively carried out upon receipt of them, if made by ordinary mail, respectively at the time of receipt of the reading confirmation if made by e-mail.
Vicolo Vecchio 3, 6900 Massagno - Switzerland
The data controller is Reltrend Sagl – Gothicsauna, Vicolo Vecchio 3 – CH-6900 Massagno. The owner can be contacted using the contact details previously specified in par. A.
Responsible for data protection
The Data Protection Responsible can be contacted in writing by ordinary mail at the following address: c/o Reltrend Sagl – Gothicsauna, Vicolo Vecchio 3 – CH-6900 Massagno.
Legal regime applicable to data processing
The owner, as a legal person under Swiss law with a registered office in Switzerland active in the private sphere, processes the personal data of users in accordance with the Federal Law on the protection of personal data (“LPD”, RS 235.1).
Given that Reltrend Sagl – Gothicsauna in principle does not process personal data that fall within the scope of the GDPR (see paragraph A above), where the Regulation is exceptionally applicable, Reltrend Sagl – Gothicsauna grants the data subjects the protections stipulated by the GDPR itself (in particular rights provided for in articles 12 – 23). The text of the GDPR can be consulted by activating this link.
Notions and categories of personal data
By personal data is intended any information concerning an identified or identifiable natural persona (Personal data). Personal data considered deserving particular protection are considered particularly sensitive information such as that relating to the intimate sphere, social assistance measures, racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union registration, biometric data or related to health, psychic, mental or physical state, as well as data relating to criminal convictions and crimes or related security measures.
Purpose and lawfulness of the processing
The owner collects and processes the Personal Data necessary to make possible and optimize navigation on the Site. These data include information concerning the use of the Site, such as the IP address of the user’s device, the location of the user, the unique identifier of the user’s mobile device, the length of stay on the Site, the activated links, the browser characteristics (type, language, installed plug-ins, cookies, etc.). These data are processed in an automated manner exclusively to allow navigation on the Site, evaluate the introduction of new features, improve the quality of the services offered, measure use of the Site and optimize its usability.
The Site processes the Personal Data transmitted by the user, in particular by means of an online form or e-mail, for the purpose of communication or making available the information requested by the user.
The Site does not process or transmit content or advertising messages designed based on the online behavior, does not profile the user, does not monitor the use of web resources or e-mails. The Site does not sell, rent, trade, and/or lend Personal Data to third parties.
Obligation to provide data
Apart from that specified for navigation data, the user is free to provide Personal Data.
The provision of data is optional or necessary depending on the specific purpose for which the data is processed. Failure to provide the requested data will make it impossible to obtain what is requested or to use the services of the data controller.
Data transfer to a third country and/or an international organization
Personal Data may be transferred abroad (with respect to Switzerland), however, limited to the European Union or to countries that guarantee adequate protection of personal data (with respect to Swiss law) as per the List established by the Federal Authority, respectively by the competent European Authority, in relation to the processing of data subject to the GDPR. The interested party has the right to obtain a copy of such data.
In case of transfer to non-European countries, in particular the United States, whose data protection level has not been deemed adequate, personal data may only be transferred to individuals, entities, and companies that have adhered to specific international agreements and/or instruments concerning the protection of personal data (for example Swiss/ EU – US Privacy Shield). The interested party can obtain information about the safeguards adopted for the transfer of Personal Data by contacting on writing Reltrend Sagl – Gothicsauna.
Retention period of personal data
The Site retains Personal Data as long as their conservation is necessary for consideration of the purpose for which the data were collected, respectively to the extent that there is a legal obligation of conservation (usually 10 years). Once the purpose of the collection of Personal Data has lapsed, or the conservation obligation established by law has expired, the owner provides for the definite and secure deletion of the data or, alternatively, for their anonymization. The detailed policy regarding the conservation of personal data can be requested from the data controller by e-mail or viewed at the registered office.
Data relating to minors
The treatment justified by the consent of the interested party is lawful where the minor who has given consent is at least 16 years old. If the minor is under the age of 16, the processing of personal data is lawful only and to the extent that consent is given or authorized by the legal representative. The owner will make every reasonable effort and in consideration of the technologies available to verify that the consent given by the legal representative is effective. However, it will not be in any way responsible for any false declarations that may be provided by the minor and, in any case, should it ascertain the falsity of the declaration, it will immediately delete any personal data and any material acquired. The owner will facilitate requests regarding the personal data of minors from the legal representative.
Data processors, recipients or categories of recipients, access to data
The Personal Data provided by the user may be disclosed to the recipient who will process the data as appointed data processors and/or as natural persons acting under the authority of the owner or manager. Where they operate in full autonomy, the subjects assume the position of distinct data controllers.
Subject to the transmission of data required by law, the data may be disclosed to recipients belonging to the following categories:
As part of the management of the Site and related resources (in particular: e-recruiting, e-mailing, back-up, web design, graphics, maintenance, translation, hosting, and Internet access), Reltrend Sagl – Gothicsauna makes use of external suppliers of good and/or services established and active in Switzerland of in the European Union (EU).
External suppliers have access to data only to the extent strictly necessary for the correct and efficient performance of their duties, subject to the assumption, by agreement, of an obligation of confidentiality and non-use in relation to Personal Data.
The complete list of data processors is available at the registered office.
E-mail communications, risks
The user is aware that (i) the use of e-mail does not ensure the confidentiality and integrity of data in transit, (ii) numerous e-mail service providers are located or hold their data in countries that do not guarantee adequate protection of personal data (for example the USA, see updated official list downloadable here), (iii) the use of such an e-mail service determines the transfer and storage of data in a country that does not guarantee adequate protection of such data.
The user authorizes the owner (and his assistants) to transmit by ordinary e-mail (not certified and encrypted) documents and/or information, including those containing personal and/or confidential data, using the e-mail address provided by the user in response to user requests received by telephone or e-mail. The user, in full awareness of the aforementioned risks, exonerates the owner of any responsibility in case of unauthorized access of third parties to the documents and/or personal and/or confidential information transmitted or received by email from the owner and/or by its organs and assistants.
Links to third-party resources
The Site contains links to sites, services, and other internet resources referable to third parties. The owner is in no way responsible for the content, safety, and usability of such sites and resources; in particular, the owner does not verify the policy, nor does he issue guarantees regarding the protection of privacy and personal data by said third parties.
The Site implements the security measures reasonably imposed by the circumstances and proportionate to the risks against unauthorized access, use, transmission, alteration, loss, or destruction of Personal Data. These measures include dispositions of technical, physical, and organizational nature. However, considering the nature of Internet as an “open network”, the owner cannot guarantee, nor warrant, that the data will not be intercepted or acquired by unauthorized third parties.
Within the limits established by the LPD, the interested party may in particular:
If the data processing falls within the territorial scope referred to in art. 3 GDPR, the interested party can assert the rights as expressed in articles 15, 16, 17, 18, 19, 20, 21, 22 GDPR, by contacting the owner or the data processor. The user has the right, at any time, to ask the data controller to access his personal data, to rectify, cancel them, limit the processing that concerns him or to oppose their treatment as well as to exercise the right to the portability of such data. If the processing is based on Article 6, paragraph 1, letter a) or on article 9 paragraph 2, letter a) GDPR, the user has the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal. The user has the right to lodge a complaint with the supervisory authority. In the case of a request for data portability, the data controller provides the user, in a structured format of common use and readable by an automatic device, the personal data concerning him, without prejudice to paragraphs 3 and 4 of art. 20 GDPR.
The legal relationship between the user and the owner of the Site with reference to access and use of the Site (and related resources) is governed by Swiss material law, excluding the rules of private international law.
The parties choose the District Court of Lugano (TI) as the exclusive competent Court in the event of a dispute arising or simply connected with the use of the Site. The owner of the Site reserves the right to appeal to the competent Judge at the headquarters, branch, or home of the user.
Effective Date: January 12, 2022.