Online data privacy statement

We see it as one of our primary responsibilities to safeguard the confidentiality of the personal data you provide and protect it against unauthorised access. We therefore take the utmost care and deploy the latest security standards to maintain maximum protection of your personal data.

General notes and information

Name and contact details

Carrosserie HESS AG is responsible for the website www.hess-ag.ch and has the following contact details:

Carrosserie HESS AG

Bielstrasse 7

4512 Bellach

T +41 (0)32 617 34 11

Extent of the processing of personal data

We fundamentally only process personal data from our users if this is necessary to provide a functional website and our content and services. The personal data of our users is only processed with the user’s consent. An exception applies in cases where, for practical reasons, it is not possible to gather consent in advance and the processing of the data is permitted by statutory regulations or we have a legitimate interest in the processing.

Purposes of data processing

We process your personal data for contract performance and for the purposes stated in this data privacy statement. Your personal data shall not be transmitted to third parties for purposes other than those stated. If your data ends up overseas, appropriate data protection shall be guaranteed. We shall only pass on your personal data to third parties if:

  • you have granted your express consent;
  • the processing is required to perform a contract with you;
  • the processing is required to comply with a legal obligation;
  • the processing is required to safeguard legitimate interests and there is no reason to assume that you have an overriding valid interest in your data not being passed on.

 

Deletion of the data

We comply with the principles of data avoidance and data economy. We only save your personal data for as long as necessary to achieve the purposes stated here or for as long as foreseen in the various retention periods prescribed by the legislator. Once the relevant purpose or these retention periods have come to an end, the corresponding data shall routinely be anonymised or deleted in line with statutory provisions.

Rights of the data subject

Subject to statutory restrictions (e.g. statutory retention obligations), you can exercise the following rights at any time using the contact details stated below:

  • Right to receive information on the data saved and how it is processed;
  • Right to rectification of incorrect personal data;
  • Right to erasure of the data saved;
  • Right to restrict data processing if we are not yet permitted to erase your data due to statutory obligations;
  • Right to object to your data being processed.
  • If you have granted your consent, you can withdraw this at any time with effect for the future.

 

 

 

SSL encryption

To protect the security of your data when it is transferred, we use the latest technology in line with corresponding encryption methods (e.g. SSL) via HTTPS. You can recognise an encrypted connection by the fact that the address in the browser changes from “http://” and “https://” and the appearance of the lock symbol in your browser. The SSL encryption means that the data you send to us cannot be read by third parties.


Data collection on our website

Protecting your private sphere is important to us. We will explain through the measures stated below which of your personal data we process when you visit our website or use our online services.

Contact form and e-mail contact

There is a contact form on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input screen is sent to us and saved. The following data is entered:

  • Title/company
  • Surname
  • First name
  • Address
  • Post code/town
  • Telephone
  • E-mail

We gather your consent for data being processed as part of the sending process and refer to this data privacy statement. Personal data from the input screen is only processed to handle the contact process.

You can also contact us using the e-mail address provided. In this case, the user’s personal data sent with the e-mail is saved. No data is passed on to third parties in this regard. The data is solely used for handling the conversation.

The data is deleted as soon as it is no longer required for achieving the purpose for which it was collected. For the personal data entered in the input screen of the contact form and sent by e-mail, this is the case once the relevant conservation with the user has come to an end. The conversation is ended when it can be gathered from the circumstances that the issue in question has been conclusively resolved. The user has the opportunity to withdraw consent to their personal data being processed at any time.

Applications and application procedures

We collect and process personal data from applicants for the purpose of handling the application procedure.

During the online application process, the personal data you send us is saved in the applicant database. This includes all the data entered in the form such as title, surname, first name and e-mail address. All documents submitted along with the application are also recorded.

This is particularly the case if an applicant sends us application documents electronically, for example via e-mail or a web form on the website or a connected job portal (iFrame) from job.ch operated by JobCloud AG. Further information on the purpose and extent of the data collection and its processing by JobCloud AG can be found in the provider’s data privacy statement. Carrosserie Hess AG shall assume no responsibility for the collection and handling of personal data by third parties and their services and applications. The corresponding data privacy provisions from the third-party provider shall apply.

If an employment contract is concluded with an applicant, the data sent for the purpose of handling the employment relationship is stored and processed further in accordance with statutory regulations. If no employment contract is concluded with the applicant, the application documents shall be deleted 3 months after disclosure of the rejection at the latest, provided that we do not have any legitimate interests that would prevent them from being deleted. A legitimate interest in this sense is, for example, burden of proof in proceedings under the Equality Act.

Recording of general information when you visit our website (server log files)

When you access our website, general information is automatically recorded via a cookie. This information (server log files) contains:

  • IP address
  • Date/time of the request, time zone difference from (GMT)
  • Content of the request (specific page)
  • Access status/http status code
  • Data volume transferred
  • Website from which the request comes
  • User agent (e.g. browser, operating system and its surface, language and version of the browser software)

The web server log files are saved for 30 days as standard.

This information is necessary from a technical perspective to correctly deliver the website content you requested. Deactivating cookies restricts use of the site, as the deactivation may mean that some functions of the website cannot be used.

You can configure your browser accordingly to prevent cookies being installed at any time or receive a warning before a cookie is accepted and decide yourself whether or not you want to approve cookies.

In particular, they are processed for the following purposes:

  • Safeguarding the functionality of the website
  • Optimising the website
  • Ensuring the security of our IT systems

Your personal data is processed on the basis of our legitimate interest to collect data for the previously stated purposes. We do not use your data to draw conclusions about your person. Only the responsible body shall receive the data. The data is not evaluated for marketing purposes or sent to third parties in this regard.

 

Use of cookies

When accessing our website, users are informed via an information banner about the use of cookies for analysis purposes and referred to this data privacy statement.

What are cookies?

We use so-called cookies on our website. These are small files that are saved on your computer or mobile end device when you visit or use our internet pages. Cookies save certain settings and data about the exchange with the internet page via your browser. When a cookie is activated it is assigned an identification number (cookie ID) that is used to identify your browser and via which the information contained in the cookie can be used.

Most of the cookies we use are temporary session cookies, which are automatically deleted from your computer or mobile end device at the end of the browser session.

  • fe_typo_user: this cookie is a standard session cookie from TYPO3. If a user logs in, it saves the session ID which is used to recognise the logged-in user and give them access to protected areas.
  • be_typo_user: this cookie informs TYPO3 whether the visitor is registered in the TYPO3 backend and who the backend user is (only relevant for administrators).

We also use permanent cookies. These are still saved on your computer or mobile end device after the end of the browser session. Depending on the nature of these permanent cookies, they remain saved on your computer or mobile end device for a period of between one month and ten years and are automatically deactivated after the programmed time.

Why do we use cookies?

The cookies we use enable various functions of our website. For example, cookies help us to save your default country and language settings and basket across various pages within an internet session.

Cookies also enable us to record and analyse the usage behaviour of visitors to our internet pages. This enables us to design our internet pages in a more user-friendly and effective manner and make your visit to our internet pages as pleasant as possible. We can also show you information especially tailored to your interests.

What data is collected?

Cookies record information on use such as the date and time you accessed our website, name of the internet page visited, the IP address of your end device and the operating system used. For example, cookies provide information about which of our content pages you visit and via which website you came to our website.

Third-party cookies

The cookies or corresponding technologies saved on your computer or mobile end device may come from independent third parties. These so-called third-party cookies are addressed separately in our online data privacy statement.

Deactivation of the cookies

You can configure your browser setting in line with your preferences and, for example, reject the acceptance of third-party cookies or all cookies. Please note that deactivating the cookies may mean that you are unable to use all functions of this website. These so-called third-party cookies are addressed separately in our online data privacy statement.

The next sections describe the aforementioned independent third parties that also use cookies (third-party cookies).

Google Tag Manager

This website uses Google Tag Manager. This service makes it possible to manage website tags via an interface. Google Tool Manager only implements tags. That means: no cookies are set, and no personal data is recorded. Google Tool Manager triggers other tags that may, on the other hand, record data. However, Google Tag Manager does not access this data. If a deactivation was performed at the domain or cookie level, this shall apply to all tracking tags if they are implemented with Google Tag Manager.

Use of Google Analytics

This website uses Google Analytics, a web analysis service from Google LL.C., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We can use the statistics generated to improve our offering and make it more interesting for you as users. This website also uses Google Analytics to analyse visitor flows from different devices that come via one user ID. If you have a Google user account, you can deactivate the analysis of your use across different devices under the “My data”, “personal data” settings.

The IP address sent from your browser within the context of Google Analytics is not combined with other data from Google. Please note that Google Analytics is extended by the code “_anonymizeIp();” on this website to guarantee anonymised recording of IP addresses. IP addresses are further processed in abbreviated form so that it is not possible to link them to an individual. If a personal connection can be inferred from the collected data, this shall be rejected immediately and the personal data deleted without delay.

Only in exceptional cases will the full IP address be sent to a Google server in the USA and abbreviated there. Google uses this information on behalf of the website operator to evaluate your use of the website, prepare reports on website activities and perform other services connected with the website use and internet use for the website operator. For the exceptional cases where personal data is sent to the USA, Google is subject to the Swiss-US Privacy Shield: www.privacyshield.gov/participant;

Google Analytics uses cookies. The information generated by the cookie about your use of this website is generally transferred to a Google server in the USA and saved there. You can prevent the cookies being saved by setting your browser software accordingly; however, please note that in this case you may not be able to use all functions of this website in full. You can also prevent the data generated by the cookie about your use of the website (incl. your IP address) being sent to Google and this data being processed by Google by downloading and installing the browser plug-in available via the following link: tools.google.com/dlpage/gaoptout. 

Use of Google Maps

We use Google Maps on this website, which is an online map service from Google LL.C., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). It enables us to show you interactive maps directly in the website so that you can easily use the maps function.

When you visit the website, Google receives the information that you have accessed the corresponding sub-page on our website. The data collected when you visit our website is also transmitted. This is the case regardless of whether Google provides a user account via which you are logged in or there is no user account. If you are logged in to Google your data will be directly assigned to your account. If you do not want the data to be assigned to your Google profile, you must log out before activating the button. Google saves your data as a user profile and uses it for advertising purposes, market research and/or the appropriate design of your website. This evaluation is performed in particular (even for users who are not logged in) to provide tailored advertising and inform other users of the social network about your activities on our website. You have the right to object to this user profile being created but you must address this objection to Google.

You can find further information on the purpose and extent of the data collection and processing by the plug-in provider in the provider’s data privacy statement. This also contains more information on your rights in this regard and the configuration options for protecting your private sphere: www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and is subject to the Swiss-US Privacy Shield: www.trade.gov/td/services/odsi/swiss-us-privacyshield-framework.pdf 

Social Plug-in Facebook

We also use so-called social plug-ins on our website. The plug-ins can be recognised through the logo of the relevant social network. To protect your data, these buttons on the website are only integrated as a graphic that contains a link to the corresponding website of the button provider. Clicking on the graphic sends you to the services of the relevant providers and only then will your data be sent to the relevant providers. If you do not click on the graphic, there will be no exchange between you and the operators of the social media buttons. Information on the collection and use of your data in social networks can be found in the conditions of use from the relevant provider.

 

 

Google Web Fonts

This website uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at developers.google.com/fonts/faq and in Google's privacy policy: www.google.com/policies/privacy/

Hubspot

We use HubSpot for our online marketing activities. This is an integrated software solution that we use to cover various aspects of our online marketing. 

These include: 

Content Management (website and blog) 

Email marketing (newsletters and automated mailings, e.g. to provide downloads) 

Reporting (e.g. traffic sources, hits, etc. ...) 

Contact management (e.g. user segmentation & CRM) 

Landing pages and contact forms 

Our sign-up service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information. 

This information, as well as our website content, is stored on servers operated by our software partner HubSpot. It may be used by us to contact visitors to our website and to determine which of our company's services are of interest to them. 

All information we collect is subject to this privacy policy. We use all information collected solely to optimize our marketing. 

HubSpot is a software company based in the USA with a branch office in Ireland. 

Contact: 

HubSpot 

2nd Floor 30 North Wall Quay 

Dublin 1, Ireland, 

Phone: +353 1 5187500. 

HubSpot is certified under the terms of the "Swiss - US Privacy Shield" and is subject to TRUSTe 's Privacy Seal. 

More information about HubSpot's privacy policy 

More information about the cookies used by HubSpot can be found here & here

17. data subject rights 

You can exercise the following rights at any time using the contact details provided: 

Information about your data stored by us and its processing, 

Correction of incorrect personal data, 

Deletion of your data stored by us, 

Restriction of data processing, if we are not yet allowed to delete your data due to legal obligations, 

Objection to the processing of your data by us 

If you have given us your consent, you can revoke it at any time with effect for the future. 

Purposes of data processing 

We process your personal data for the fulfillment of the contract and for the purposes stated in this privacy policy. Your personal data will not be transferred to third parties for purposes other than those stated. Should the data be transferred abroad, appropriate data protection will be ensured. We will only pass on your personal data to third parties if: 

you have given your express consent to this, 

the processing is necessary for the execution of a contract with you, 

the processing is necessary for compliance with a legal obligation, 

the processing is necessary to protect legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data. 

Deletion of data 

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as stipulated by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions. 

Collection of general information 

When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider and the like. This is exclusively information that does not allow any conclusions to be drawn about your person. 

This information is technically necessary in order to correctly deliver the content of web pages requested by you and is mandatory when using the Internet. In particular, they are processed for the following purposes: 

Ensuring a smooth connection setup of the website, 

Ensuring the smooth use of our website, 

evaluating system security and stability, and 

for statistical purposes in order to improve the website. 

The processing of your personal data is based on our legitimate interest from the aforementioned purposes for data collection. We do not use your data to draw conclusions about your person. Data will not be disclosed to third parties with the exception of order processors. 

Anonymous information of this kind is statistically evaluated by us, if necessary, in order to optimize our Internet presence and the technology behind it. 

Cookies 

We use cookies on the website. Cookies are data that the visited website or its server stores in your computer via the browser in order to recognize it later. Your computer sends the cookie information back to the server with each new visit to this website. Cookies are used, for example, to display complex and dynamic content in order to recognize you the next time you visit the website, i.e. to increase user-friendliness. By configuring your browser accordingly, you can prevent the installation of cookies at any time or have a warning displayed before accepting a cookie and thus determine for yourself whether you want to accept cookies or not. In principle, our website can also be used without accepting cookies, although individual functionalities may then be restricted. 

Forms 

Our website contains forms that can be used to contact us electronically or to register for an event. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. Your consent is obtained for the processing of the data during the submission process. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. 

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation. 

Blog

When users leave comments on our blog, in addition to this information, the time of their creation and the user name and e-mail address previously selected by the website visitor are stored. This serves our security, as we can be prosecuted for unlawful content on our website, even if it was created by users. 

Newsletter 

On our website there is the possibility to subscribe to a free newsletter. When subscribing to the newsletter, the data from the input mask (name, first name, e-mail address) is transmitted to us. For the processing of the data, your consent is obtained during the registration process. For an effective registration we need a valid e-mail address. Hess AG uses the functions of the HubSpot software for newsletter dispatch (for more information, see article 16. Hubspot)." 

Amendment to our data protection provision

We reserve the right to amend this data privacy statement so that it is always in line with the current legal requirements or to incorporate changes to our services into the data privacy statement e.g. if new services are introduced. The new data privacy statement shall apply to your next visit to the website.