We know that the careful handling of your personal information is important to you. Therefore, we appreciate your trust that Loxopay handles this information conscientiously. Loxopay is responsible for the collection, processing, disclosure, storage and protection of your personal information and ensures compliance with the Swiss Data Protection Act. This consent can be revoked at any time with effect for the future.
1. Contact details
Responsible for data processing is:
+41 71 575 76 64
You can reach the data protection officer of Loxotipu GmbH at: email@example.com.
2. The nature and extent of the collection of personal data
when visiting our website
When you visit our online presence, the web server technology we use automatically logs general technical visit information. This includes, among other things, the IP address of the device used (anonymized), information about the browser type, the Internet service provider and the operating system used.
Registration on our website
The data subject has the possibility to register on the website of the controller by providing personal data. Which personal data are transmitted to the controller in the process results from the respective input mask used for the registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the data to be transferred to one or more processors, for example a parcel service provider, who will also use the personal data exclusively for an internal use attributable to the controller. By registering on the website of the controller, the IP address assigned by the Internet service provider (ISP) of the data subject, the date as well as the time of registration are furthermore stored. The storage of this data takes place against the background that only in this way can the misuse of our services be prevented and, if necessary, this data makes it possible to clarify criminal offences that have been committed. In this respect, the storage of this data is necessary for the protection of the data controller. As a matter of principle, this data will not be disclosed to third parties unless there is a legal obligation to disclose it or the disclosure serves the purpose of criminal prosecution. The registration of the data subject by voluntarily providing personal data serves the purpose of the controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to modify the personal data provided during registration at any time or to have them completely deleted from the data base of the controller. The controller shall provide any data subject at any time, upon request, with information on what personal data is stored about the data subject. Furthermore, the controller shall correct or delete personal data at the request or indication of the data subject, provided that this does not conflict with any statutory retention obligations. The entire staff of the controller shall be available to the data subject as contact persons in this context.
3. Data security
We use technical and organizational security measures in accordance with recognized market standards to protect personal data stored by us against accidental, unlawful or unauthorized manipulation, deletion, alteration, access, disclosure or use and against partial or total loss. The servers of Loxopay are located in a multiple certified and secured data center in Switzerland. The connection to our servers is made via SSL encryption. We carry out regular backups of customer data. In order to prevent data loss even in extreme cases (e.g. destruction of the data centre by an earthquake), the encrypted backups are stored in parallel in several data centres in Switzerland and abroad. Our security measures are continuously adapted and improved in line with technological developments. We accept no liability for the loss of data or for third parties gaining knowledge of or using such data. Furthermore, we cannot guarantee the security of data transmission on the Internet. In particular, there is a risk of access by third parties when data is transmitted by e-mail. However, access is protected by means of HTTPS. If explicitly requested by the customer, the customer can opt for dual authentication at any time.
4. Purpose of the processing of personal data / Recipients of the data
We process the data collected in order to be able to continuously improve the products and services you have requested, to manage your use of and access to our products and information, to maintain our business relationship with you, to monitor and improve the performance of our offering, to identify, prevent or detect illegal activities and to send you advertising, information or marketing material about products or services which we believe, based on the data, may be of interest to you. The data may also be passed on to partner companies and service providers, selected third-party companies, institutes and/or legally authorised government authorities, both in Switzerland and abroad, for processing and storage within the scope of the above-mentioned purposes. If the processing or storage of personal information takes place in countries that do not ensure adequate data protection compared to Swiss data protection law, we require the processor under contractual obligation to fully comply with the relevant provisions from the EU GDPR.
We have some of the aforementioned processes and services carried out by service providers who have their registered office within the EU or Switzerland and who comply with data protection regulations. These are companies in the categories of IT services, payment transactions, printing service providers, billing, collection and consulting as well as sales and marketing and service providers that we use in the context of order processing relationships.
Cookies help to make your visit to our websites easier, more pleasant and more meaningful. Cookies are information files that your web browser automatically stores on your computer's hard drive when you visit our website and use our services.
You can independently manage your security settings in the browser and thus block or deactivate cookies used by us, whereby certain services of Loxopay may then no longer be (fully) usable.
Tracking and analysis tools / social media
The use of our digital offers is measured and evaluated by means of various technical systems, mainly from third-party providers such as Google Analytics. These measurements can be both anonymous and personal. In this context, it is possible that the collected data is in turn passed on by us or the third-party providers of such technical systems to third parties in Germany and abroad for processing. The most frequently used and best-known analysis tool is Google Analytics, a service provided by Google Inc. This means that the data collected can, in principle, be transmitted to a Google server in the USA.
The analysis of data by other tools of the website owner is not prevented when you use the add-on. Data may still be sent to the website or other web analytics services.
Integration of third-party offers / social media
Our digital offerings are networked with third-party functions and systems in a variety of ways, for example by integrating plug-ins from third-party social networks such as Facebook, Twitter, etc. in particular. If you have a user account with these third parties, it may also be possible for them to measure and evaluate your use of our digital offerings. In doing so, further personal data, such as IP address, browser settings and other parameters may be transmitted to these third parties and stored there. We have no control over the use of such personal data collected by third parties and accept no responsibility or liability. Moreover, Loxopay has no detailed knowledge of what data is transmitted to the third party providers, where it is transmitted to and whether it is anonymised.
6. Automatic decisions
Loxopay does not use profiling or automated decision-making techniques. Should Loxopay use these techniques in individual cases, you will be informed about this separately, if this is required by law.
7. Communication by email
You can unsubscribe from receiving electronic mailings at any time or adjust the type and scope of this marketing service.
8. Legal basis of the processing
The processing of your data is carried out in accordance with Article 6 (1) letter b DS-GVO for the performance of the contract. The subject of the contract are the services mentioned above.
Likewise, the processing of your data, as described above, is carried out to protect the legitimate interests of Loxopay (Article 6(1)(f) DS-GVO). These are the improvement of products and services, to monitor and improve the performance of the offer and to detect, prevent or investigate illegal activities.
In addition, the data is processed in accordance with Article 6 (1) (c) DS-GVO for the fulfilment of legal obligations (e.g. storage and documentation obligations). This includes in particular your personal master data.
9. Duration of storage
Loxopay processes and stores your personal data as long as you use our services. It should be noted that the contractual relationship is a continuing obligation, which is designed for years.
If the data are no longer necessary for the fulfilment of contractual or legal obligations, they are regularly deleted, unless their - temporary - further processing is necessary for the following purposes:
- Fulfilment of retention obligations under commercial and tax law in Switzerland: Particularly worthy of mention is the ten-year period for keeping and retaining business records (OR 958f).
- Fulfilment of retention obligations under commercial and tax law in Germany: These include the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are two to ten years.
- Preservation of evidence within the framework of the statutory limitation provisions in Germany. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.
10. Information, correction, deletion, blocking, consent
You have the following rights in relation to your personal data:
- the right to information in accordance with Article 15 of the GDPR,
- the right of rectification under Article 16 of the GDPR,
- the right to erasure in accordance with Article 17 DS-GVO,
- the right to restrict processing in accordance with Article 18 of the GDPR,
- the right to data portability from Article 20 DS-GVO, as well as
- the right to object pursuant to Article 21 of the GDPR.
If you are asked to give your consent in connection with the services of Loxopay, you give this consent by clicking the appropriate checkbox that Loxopay may collect, process and use your personal data accordingly.
You can of course revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until the revocation. The revocation can be sent in writing to the address of Loxopay mentioned at the beginning. However, it is also sufficient to send an e-mail to the address firstname.lastname@example.org. However, some of the services and functions will no longer be available to you thereafter.
With regard to the right of information and the right of deletion, the restrictions according to §§ 34 and 35 BDSG apply. In addition, there is a right of appeal to a competent data supervisory authority (Article 77 DS-GVO, Section 40 BDSG).
11. Links to other websites
The Loxopay website contains hyperlinks to third party websites that are not operated or controlled by Loxopay. Loxopay is not responsible for their content or data protection practices.
Last updated: June 2021