Data protection

1. Scope of data protection declaration

This data protection declaration at www.blue-cask.com applies to the website, web shop and all other services.

Swiss data protection law (DSG) applies. Specific reference is made to any applicable law from the European General Data Protection Regulation (GDPR).

2. Processing of personal data; nature, purpose and use

When visiting the site

When you visit our website, information is temporarily stored in so-called log files on our server. This is information that your device's browser automatically sends. Namely:

  • IP address of the contacting device
  • date and time
  • URL of the called page
  • Referrer URL
  • Browser and other device information
  • Data required for transmission security, troubleshooting and improvements

The data mentioned will be processed by us for the following purposes:

  • Connection establishment of the website
  • use of our website
  • Marketing and providing our products
  • Sale and delivery of our products
  • System security and stability

The data processing takes place at your request and is necessary according to Article 6 Paragraph 1 Clause 1 Letter b GDPR for the stated purposes for the fulfillment of the contract and pre-contractual measures or you have according to Article 6 Paragraph 1 Clause 1 Letter a GDPR you have given your consent to the data processing described since you have accessed the website.

When you contact us or enter into a contract

If you contact us via the website, conclude a contract or create a profile, the following data is collected:

  • Personal data (in particular: surname, first name, address, e-mail, user name, passwords)
  • Information about orders, purchases, services made

The data processing takes place at your request and is necessary according to Article 6 Paragraph 1 Clause 1 Letter b GDPR for the stated purposes for the fulfillment of the contract and pre-contractual measures or you have according to Article 6 Paragraph 1 Clause 1 Letter a DSGVO given your consent to the data processing described.

3. Disclosure of data to third parties (including joint controllers and contract data processors)

    We use external service providers (processors) e.g. B. for web hosting, payment processing or transport services. Separate order data processing has been concluded with the service providers to ensure the protection of your personal data.

    4. To process the contract

      Your personal data will be passed on to third parties insofar as this is legally permissible under Article 6 (1) sentence 1 lit. b GDPR and is necessary for the processing of contractual relationships with you. This includes in particular the transfer to shipping companies for the purpose of delivering the goods you have ordered and the transfer of payment data to payment service providers or credit institutions in order to carry out a payment transaction. The data passed on may only be used by the third party for the stated purposes.

      5.Cookies

        We use cookies (session cookies as well as temporary and permanent cookies) on our website. These are small files that your browser creates automatically and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site. A cookie does not always mean that we can identify you.

        On the one hand, the use of cookies serves to log the frequency of use, number of users and behavior on our website, to increase the security of website use and to make our information offer user-friendly. As soon as you leave the website, these cookies are automatically deleted.

        In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specific period of time. If you visit our site again to make use of our services, it will automatically be recognized that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.

        The legal basis for data processing is Article 6 Paragraph 1 Clause 1 Letter f GDPR. Our legitimate interest follows from the operation of the website.

        You can configure your browser settings so that no cookies are stored on your computer. The complete deactivation of cookies can mean that you cannot use all the functions of our website.

        By continuing to use our website and/or agreeing to this data protection declaration, you agree that we may set cookies and thus collect, store and use personal usage data, even after the end of the browser session. You can revoke this consent at any time by activating the browser setting to refuse third-party cookies.

        6. Analysis Tools

          Shopify Marketing Tracking Tool

          Our website uses the Shopify Marketing Tracking Tool from Shopify International Limited. Shopify Marketing Tracking uses cookies (see under Cookies). These enable an analysis of the use of our website including IP addresses.

          The legal basis for data processing is Article 6 Paragraph 1 Clause 1 lit. a and f GDPR.

          7. Social Media Plugin

            We use the social plugins below on our website to make our company better known. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of Article 6 (1) (f) GDPR. Responsibility for data protection-compliant operation is to be guaranteed by their respective providers. Data processing in connection with these plug-ins takes place with your consent when you use these plug-ins.

            If you use the services of these social networks independently or in connection with our website, the social networks evaluate your use of the plug-in. In this case, information about the plug-in is forwarded to the social networks.

            vimeo

            Vimeo is an Internet video portal founded in 2004 by the US company Vimeo LLC, headquartered at 555 West 18th Street, New York, New York 10011. Video publishers can use it to publish videos for their content marketing or embed Vimeo videos on their website. Users can upload, watch, comment on and rate videos.

            We embed Vimeo videos on our website. If you call up the Internet pages of our Internet presence provided with such a plugin, a connection to the Vimeo servers is established and the plugin is displayed. This transmits to the Vimeo server which of our websites you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When using the plugin, such as clicking the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding Vimeo cookies.

            The data protection regulations published by Vimeo, which can be accessed at https://vimeo.com/de, provide information about the collection, processing and use of personal data by Vimeo.

            The legal basis for data processing is Article 6 Paragraph 1 Clause 1 lit. a and f GDPR.

            Newsletter

            With the registration for the newsletter and the confirmation of receipt of the newsletter (double opt-in), the following personal data is processed: last name, first name, e-mail address. The data is processed for the purpose of authenticating the person registering when registering and sending the person registering a newsletter, determining whether and when they opened it and individual articles on it.

            The data you enter for the purpose of subscribing to the newsletter will be processed by our provider. This data is processed exclusively on the basis of your consent. You can revoke this consent at any time, for example via the "Unsubscribe" link in the newsletter. The data processing operations that have already taken place remain unaffected by the revocation. If we send newsletters with the help of our provider, we can determine whether a newsletter has been opened and which links have been clicked.

            8. Cross-border disclosure in third countries without an adequate level of data protection

              If we process data in a third country (ie outside the European Union (EU), the European Economic Area (EEA)) or the processing within the framework of the use of third-party services or the disclosure or transmission of data to other persons, bodies or companies takes place, this is only done in accordance with the legal requirements.

              Subject to express consent or contractually or legally required transmission, we only process the data in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, if there are certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).

              9. Your Rights

                You have the right:

                • Request information about your personal data processed by us. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right of appeal, the origin of your data, if they were not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details (Article 15 GDPR). If the effort involved is disproportionately large, we reserve the right to ask you to provide proof of identity and to assume the actual costs in advance.
                • Immediately request the correction of incorrect or incomplete personal data stored by us (Article 16 GDPR).
                • Request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art. 17 GDPR).
                • Request the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need them to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR (Art. 18 GDPR).
                • To receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible (Article 20 GDPR).
                • To revoke your consent once given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future (Article 7 (3) GDPR).
                • To complain to a supervisory authority (see below) (Article 77 GDPR).

                10. Right to Object

                  If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided that there are reasons for this arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.

                  11. Data Security

                    Your data is protected using SSL encryption and organizational measures within the company.

                    12. Retention Period

                      Your data will be processed in a trustworthy, responsible manner as described in this data protection declaration and in accordance with applicable data protection law. We store the data only for as long and to the extent necessary for the purposes described or for legal reasons.

                      13. Contact Information

                        This data protection declaration applies to data processing by:

                        Responsible

                        AT Spirits Wine GmbH

                        Rautistrasse 332
                        8048 Zurich
                        Switzerland

                        Telephone: +41 79 801 90 30
                        Email: info@blue-cask.com
                        www.blue-cask.com

                        Supervisory authority: Federal Information and Data Protection Commissioner, FDPIC, Feldeggweg 1, 3003 Bern, Switzerland.

                        14. Updating and changing this data protection declaration

                          We can change or adapt this data protection declaration at any time. The current data protection declaration can be accessed at www.blue-cask.com.

                          Zurich, 2022