This site uses cookies. For full details read our cookie policy.



Online data privacy statement

We see it as one of our primary responsibilities to safeguard the confidentiality of the personal data you provide and protect it against unauthorised access. We therefore take the utmost care and deploy the latest security standards to maintain maximum protection of your personal data.

General notes and information

Name and contact details

Carrosserie HESS AG is responsible for the website and has the following contact details:

Carrosserie HESS AG

Bielstrasse 7

4512 Bellach

T +41 (0)32 617 34 11

Extent of the processing of personal data

We fundamentally only process personal data from our users if this is necessary to provide a functional website and our content and services. The personal data of our users is only processed with the user’s consent. An exception applies in cases where, for practical reasons, it is not possible to gather consent in advance and the processing of the data is permitted by statutory regulations or we have a legitimate interest in the processing.

Purposes of data processing

We process your personal data for contract performance and for the purposes stated in this data privacy statement. Your personal data shall not be transmitted to third parties for purposes other than those stated. If your data ends up overseas, appropriate data protection shall be guaranteed. We shall only pass on your personal data to third parties if:

  • you have granted your express consent;
  • the processing is required to perform a contract with you;
  • the processing is required to comply with a legal obligation;
  • the processing is required to safeguard legitimate interests and there is no reason to assume that you have an overriding valid interest in your data not being passed on.


Deletion of the data

We comply with the principles of data avoidance and data economy. We only save your personal data for as long as necessary to achieve the purposes stated here or for as long as foreseen in the various retention periods prescribed by the legislator. Once the relevant purpose or these retention periods have come to an end, the corresponding data shall routinely be anonymised or deleted in line with statutory provisions.

Rights of the data subject

Subject to statutory restrictions (e.g. statutory retention obligations), you can exercise the following rights at any time using the contact details stated below:

  • Right to receive information on the data saved and how it is processed;
  • Right to rectification of incorrect personal data;
  • Right to erasure of the data saved;
  • Right to restrict data processing if we are not yet permitted to erase your data due to statutory obligations;
  • Right to object to your data being processed.
  • If you have granted your consent, you can withdraw this at any time with effect for the future.




SSL encryption

To protect the security of your data when it is transferred, we use the latest technology in line with corresponding encryption methods (e.g. SSL) via HTTPS. You can recognise an encrypted connection by the fact that the address in the browser changes from “http://” and “https://” and the appearance of the lock symbol in your browser. The SSL encryption means that the data you send to us cannot be read by third parties.

Data collection on our website

Protecting your private sphere is important to us. We will explain through the measures stated below which of your personal data we process when you visit our website or use our online services.

Contact form and e-mail contact

There is a contact form on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input screen is sent to us and saved. The following data is entered:

  • Title/company
  • Surname
  • First name
  • Address
  • Post code/town
  • Telephone
  • E-mail

We gather your consent for data being processed as part of the sending process and refer to this data privacy statement. Personal data from the input screen is only processed to handle the contact process.

You can also contact us using the e-mail address provided. In this case, the user’s personal data sent with the e-mail is saved. No data is passed on to third parties in this regard. The data is solely used for handling the conversation.

The data is deleted as soon as it is no longer required for achieving the purpose for which it was collected. For the personal data entered in the input screen of the contact form and sent by e-mail, this is the case once the relevant conservation with the user has come to an end. The conversation is ended when it can be gathered from the circumstances that the issue in question has been conclusively resolved. The user has the opportunity to withdraw consent to their personal data being processed at any time.

Applications and application procedures

We collect and process personal data from applicants for the purpose of handling the application procedure.

During the online application process, the personal data you send us is saved in the applicant database. This includes all the data entered in the form such as title, surname, first name and e-mail address. All documents submitted along with the application are also recorded.

This is particularly the case if an applicant sends us application documents electronically, for example via e-mail or a web form on the website or a connected job portal (iFrame) from operated by JobCloud AG. Further information on the purpose and extent of the data collection and its processing by JobCloud AG can be found in the provider’s data privacy statement. Carrosserie Hess AG shall assume no responsibility for the collection and handling of personal data by third parties and their services and applications. The corresponding data privacy provisions from the third-party provider shall apply.

If an employment contract is concluded with an applicant, the data sent for the purpose of handling the employment relationship is stored and processed further in accordance with statutory regulations. If no employment contract is concluded with the applicant, the application documents shall be deleted 3 months after disclosure of the rejection at the latest, provided that we do not have any legitimate interests that would prevent them from being deleted. A legitimate interest in this sense is, for example, burden of proof in proceedings under the Equality Act.

Recording of general information when you visit our website (server log files)

When you access our website, general information is automatically recorded via a cookie. This information (server log files) contains:

  • IP address
  • Date/time of the request, time zone difference from (GMT)
  • Content of the request (specific page)
  • Access status/http status code
  • Data volume transferred
  • Website from which the request comes
  • User agent (e.g. browser, operating system and its surface, language and version of the browser software)

The web server log files are saved for 30 days as standard.

This information is necessary from a technical perspective to correctly deliver the website content you requested. Deactivating cookies restricts use of the site, as the deactivation may mean that some functions of the website cannot be used.

You can configure your browser accordingly to prevent cookies being installed at any time or receive a warning before a cookie is accepted and decide yourself whether or not you want to approve cookies.

In particular, they are processed for the following purposes:

  • Safeguarding the functionality of the website
  • Optimising the website
  • Ensuring the security of our IT systems

Your personal data is processed on the basis of our legitimate interest to collect data for the previously stated purposes. We do not use your data to draw conclusions about your person. Only the responsible body shall receive the data. The data is not evaluated for marketing purposes or sent to third parties in this regard.


Use of cookies

When accessing our website, users are informed via an information banner about the use of cookies for analysis purposes and referred to this data privacy statement.

What are cookies?

We use so-called cookies on our website. These are small files that are saved on your computer or mobile end device when you visit or use our internet pages. Cookies save certain settings and data about the exchange with the internet page via your browser. When a cookie is activated it is assigned an identification number (cookie ID) that is used to identify your browser and via which the information contained in the cookie can be used.

Most of the cookies we use are temporary session cookies, which are automatically deleted from your computer or mobile end device at the end of the browser session.

  • fe_typo_user: this cookie is a standard session cookie from TYPO3. If a user logs in, it saves the session ID which is used to recognise the logged-in user and give them access to protected areas.
  • be_typo_user: this cookie informs TYPO3 whether the visitor is registered in the TYPO3 backend and who the backend user is (only relevant for administrators).

We also use permanent cookies. These are still saved on your computer or mobile end device after the end of the browser session. Depending on the nature of these permanent cookies, they remain saved on your computer or mobile end device for a period of between one month and ten years and are automatically deactivated after the programmed time.

Why do we use cookies?

The cookies we use enable various functions of our website. For example, cookies help us to save your default country and language settings and basket across various pages within an internet session.

Cookies also enable us to record and analyse the usage behaviour of visitors to our internet pages. This enables us to design our internet pages in a more user-friendly and effective manner and make your visit to our internet pages as pleasant as possible. We can also show you information especially tailored to your interests.

What data is collected?

Cookies record information on use such as the date and time you accessed our website, name of the internet page visited, the IP address of your end device and the operating system used. For example, cookies provide information about which of our content pages you visit and via which website you came to our website.

Third-party cookies

The cookies or corresponding technologies saved on your computer or mobile end device may come from independent third parties. These so-called third-party cookies are addressed separately in our online data privacy statement.

Deactivation of the cookies

You can configure your browser setting in line with your preferences and, for example, reject the acceptance of third-party cookies or all cookies. Please note that deactivating the cookies may mean that you are unable to use all functions of this website. These so-called third-party cookies are addressed separately in our online data privacy statement.

The next sections describe the aforementioned independent third parties that also use cookies (third-party cookies).

Google Tag Manager

This website uses Google Tag Manager. This service makes it possible to manage website tags via an interface. Google Tool Manager only implements tags. That means: no cookies are set, and no personal data is recorded. Google Tool Manager triggers other tags that may, on the other hand, record data. However, Google Tag Manager does not access this data. If a deactivation was performed at the domain or cookie level, this shall apply to all tracking tags if they are implemented with Google Tag Manager.

Use of Google Analytics

This website uses Google Analytics, a web analysis service from Google LL.C., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We can use the statistics generated to improve our offering and make it more interesting for you as users. This website also uses Google Analytics to analyse visitor flows from different devices that come via one user ID. If you have a Google user account, you can deactivate the analysis of your use across different devices under the “My data”, “personal data” settings.

The IP address sent from your browser within the context of Google Analytics is not combined with other data from Google. Please note that Google Analytics is extended by the code “_anonymizeIp();” on this website to guarantee anonymised recording of IP addresses. IP addresses are further processed in abbreviated form so that it is not possible to link them to an individual. If a personal connection can be inferred from the collected data, this shall be rejected immediately and the personal data deleted without delay.

Only in exceptional cases will the full IP address be sent to a Google server in the USA and abbreviated there. Google uses this information on behalf of the website operator to evaluate your use of the website, prepare reports on website activities and perform other services connected with the website use and internet use for the website operator. For the exceptional cases where personal data is sent to the USA, Google is subject to the Swiss-US Privacy Shield:;

Google Analytics uses cookies. The information generated by the cookie about your use of this website is generally transferred to a Google server in the USA and saved there. You can prevent the cookies being saved by setting your browser software accordingly; however, please note that in this case you may not be able to use all functions of this website in full. You can also prevent the data generated by the cookie about your use of the website (incl. your IP address) being sent to Google and this data being processed by Google by downloading and installing the browser plug-in available via the following link: 

Use of Google Maps

We use Google Maps on this website, which is an online map service from Google LL.C., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). It enables us to show you interactive maps directly in the website so that you can easily use the maps function.

When you visit the website, Google receives the information that you have accessed the corresponding sub-page on our website. The data collected when you visit our website is also transmitted. This is the case regardless of whether Google provides a user account via which you are logged in or there is no user account. If you are logged in to Google your data will be directly assigned to your account. If you do not want the data to be assigned to your Google profile, you must log out before activating the button. Google saves your data as a user profile and uses it for advertising purposes, market research and/or the appropriate design of your website. This evaluation is performed in particular (even for users who are not logged in) to provide tailored advertising and inform other users of the social network about your activities on our website. You have the right to object to this user profile being created but you must address this objection to Google.

You can find further information on the purpose and extent of the data collection and processing by the plug-in provider in the provider’s data privacy statement. This also contains more information on your rights in this regard and the configuration options for protecting your private sphere: Google also processes your personal data in the USA and is subject to the Swiss-US Privacy Shield: 

Social Plug-in Facebook

We also use so-called social plug-ins on our website. The plug-ins can be recognised through the logo of the relevant social network. To protect your data, these buttons on the website are only integrated as a graphic that contains a link to the corresponding website of the button provider. Clicking on the graphic sends you to the services of the relevant providers and only then will your data be sent to the relevant providers. If you do not click on the graphic, there will be no exchange between you and the operators of the social media buttons. Information on the collection and use of your data in social networks can be found in the conditions of use from the relevant provider.



Amendment to our data protection provision

We reserve the right to amend this data privacy statement so that it is always in line with the current legal requirements or to incorporate changes to our services into the data privacy statement e.g. if new services are introduced. The new data privacy statement shall apply to your next visit to the website.