Privacy Policy

1. General information

Data protection is important to us. We therefore process your personal data with great care and in accordance with the applicable legal requirements. Christian Fischbacher Bed & Bath AG, Mövenstrasse 18, 9015 St. Gallen, Switzerland processes your personal data for various purposes and provides transparent information about this data processing in this document. The term ‘personal data’ refers to all information that can be linked to an identified or identifiable natural person. The term ‘processing’ includes any handling of personal data, e.g. obtaining, disclosing, storing, deleting, etc.

Please read the entire privacy policy carefully. This will tell you how and why we process your personal data and what rights you have in connection with this data processing.

To whom and when does this privacy policy apply?

- if you purchase services or products from us or have a contractual relationship with us
- visitors to our website https://www.christianfischbacher.com/ch/de/
- when you contact us, e.g. by e-mail, letter, via our contact form or another contact tool
- when you receive information or marketing communication from us
- when you register for certain offers (e.g. events)
- when you subscribe to our newsletter
- when you apply for a job with us
- if you deal with us in the context of further data processing in connection with our offers

2. responsibility

The company responsible for the processing of personal data is the one that determines the purpose and means of the processing. The following company or person is the ‘controller’ within the meaning of the FADP, i.e. the body responsible for data protection, unless otherwise communicated in specific individual cases (identity):

Christian Fischbacher Bed & Bath AG Mövenstrasse 18 9015 St. Gallen Switzerland

If you have any concerns or questions about data protection, you can contact us at the following address:

E-Mail: info@christianfischbacher.com
Phone: +41 (0)71 552 50 00

Although we endeavour to ensure that our website is available 24/7, we accept no liability for any downtime. We provide access to our website on a temporary basis and reserve the right to withdraw or amend the services on our website without notice. We will not be liable if for any reason the website is unavailable at any time or for any period.

3. personal data to be processed

We also process different categories of personal data in view of the different purposes. In the case of contractual partners who are companies, we process less personal data - here we process in particular data of contact persons of the companies (e.g. name, e-mail address, function in the company, communication data). You provide us with much of the following personal data yourself. However, you are generally not obliged to do so. If you provide us with data about other persons, we assume that you are authorised to do so and that this data is also correct. You automatically confirm this when you provide us with data about these third parties. Please ensure that the third parties concerned have been made aware of this privacy policy.

3.1 Basic data and contact information

Basic data and contact information relate directly to your person and characteristics (e.g. to contact you). For example, we process the following basic data:

- Surname, first name
- gender
- Date of birth
- Address
- e-mail address
- Telephone number
- Nationality and residence permit status

We receive this master data directly from you. Under certain conditions, however, we may also obtain personal data from third parties, e.g. from our contractual partners, associations and address dealers and from publicly accessible sources such as the Internet.

3.2 Contract data

Contract data is information that arises in connection with the fulfilment of the contract. We process the following data:

- Customer history
- Access data and logins

3.3 Application data

Application data is data that is collected in connection with your application to us, e.g. the following data:

- CV, letter of motivation
- Work and degree certificates
- Information about your current job (e.g. notice period)
- salary expectations
- Information in connection with a job interview

3.4 Communication data

Communication data is data that arises in connection with communication with you, e.g. the following data:

- Contact details such as postal address, e-mail address and telephone number
- Content of all correspondence
- Information on the type, time and other marginal data of the communication

3.5 E-mail newsletter

Our newsletters offer you regular updates and news from the world of Christian Fischbacher. You can subscribe to the newsletter using a specific registration form, where you must give your consent to the use of the data you have entered at the end. If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. We will keep a record of your registration and the associated e-mail address for as long as we have a legitimate interest in proving your consent.

The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the ‘unsubscribe’ link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

You have the option at any time to object to the delivery of the newsletter and/or the use of your data for advertising purposes or to revoke your consent without giving reasons. At the end of each newsletter, you will find links that allow you to easily unsubscribe. After unsubscribing, you will not receive any further newsletters from us. Your wishes and your privacy are our top priority and we respect your decision regarding the use of your data.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

3.6 Location data and technical data

When you visit our website, technical data is collected. This includes the following data, for example:

- Location and traffic data
- IP address of the end device and device ID
- Information about your device, the operating system of your device
- Information about your internet provider
- Content accessed or logs in which the use of our systems is recorded
- Date and time of access to the website

4. purposes of our data processing

It is important to us to protect your privacy.

Where permitted, we process your personal data for various purposes in which we have a legitimate interest corresponding to the purpose:

- For contract fulfilment
- To improve our services and products
- For marketing and information purposes (e.g. so that we can inform you about offers or new activities in line with your personal interests)
- To review your application (so that we can assess whether you are suitable for a position with us)
- To maintain our IT security (in particular to monitor the performance of our website)
- For internal administration (e.g. in the context of accounting or archiving data)
- To comply with legal requirements (e.g. to process complaints, prevent and investigate criminal offences or other misconduct)
- To assert legal claims (if necessary, we also process personal data in order to assert claims in and out of court and before authorities in Switzerland and abroad or to defend ourselves against legal claims)

5. data processing in connection with social media

If you contact us via social media and our profiles there, e.g. on Facebook, Instagram, YouTube, TikTok, LinkedIn, Pinterest etc., comment on content or disseminate posts, we collect information that we can use for marketing purposes, for example. The respective provider of a social media platform also collects data itself when you visit our profile. Further information on data processing by a social media provider itself can be found in the respective privacy policy of this provider.

On our website, we offer you the option of using a so-called social media plugin from Instagram to integrate functions of the respective provider on our website. These plugins are deactivated by default, but are activated when you click on the social media icon on the website. You can address requests for information and other data subject enquiries in connection with these social media providers directly to the provider in question.

6. online advertising technologies

We use online advertising technologies such as cookies on our website. We use them to measure the user-friendliness and success of the website and online advertising campaigns.

6.1 What are online advertising technologies such as cookies?

If we track you, we can distinguish your access from access by other users so that we can ensure the functionality of the website and carry out statistical analyses. Each time you access a page, you are recognised as an individual visitor and can therefore be distinguished from other people, for example by the server assigning a unique identification number to your browser (this is known as a ‘cookie’). Cookies are automatically stored on your end device when you visit our website. We use cookies, for example, to save settings between your visits to the website or to collect statistical, technical data.

6.2 Which cookies or online advertising technologies do we use?

We use analytics services so that we can optimise our website. In the following, we explain how our most important analytics service providers work by way of example. Other third-party providers of corresponding tools generally process personal data in a similar way.

- Google Analytics, an analytics service provided by Google LLC and Google Ireland Ltd. Google Ireland Ltd. is the controller for the processing of personal data. Google uses cookies and online advertising techniques to analyse certain information about the behaviour of individual users on the website. On the basis of the analysed data, Google provides us with evaluations, but also processes data for its own purposes. Information on data protection at Google Analytics can be found here: https://policies.google.com/privacy

- Google Ads Conversion The use of Google AdWords enables us to create targeted advertising content and optimise our online advertising measures. Google AdWords is a service from Google Inc. that provides us with tools to design, analyse and improve our advertisements in line with requirements. We also use Google AdWords conversion tracking. A cookie is stored on your computer when you click on an advert placed by Google. These cookies have a limited validity period of 30 days and are not used for personal identification. They merely enable us and Google to recognise that you have clicked on an ad and visited a specific page on our website; each AdWords customer receives their own cookie and the cookies cannot be tracked via the websites of other AdWords customers. The data collected through conversion tracking is used to create anonymous conversion statistics for those AdWords customers who have opted for this tracking. Please note that the use of Google AdWords establishes a direct connection to Google's servers. We have no influence on data processing by Google. If you are registered with Google, Google can associate your visit to our website with your Google account. Even if you are not registered with Google, there is a possibility that Google will collect and store your IP address. You have various options for not participating in this tracking process. You can do this through your browser settings or by using specific deactivation links. Further information and options for deactivation can be found in Google's privacy policy at: https://www.google.de/policies/privacy/ . Our legitimate interest in the use of conversion cookies is based on Art. 6 para. 1 sentence 1 f) GDPR, as we use this measure to analyse user behaviour and optimise our online offering and our advertising measures.

- Privacy policy for the use of Vimeo Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. The Vimeo server is informed which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.
Further information on the handling of user data can be found in Vimeo's privacy policy at: https://vimeo.com/privacy

- Privacy policy for the use of Google Web Fonts This site uses so-called web fonts provided by Google for the standardised display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/.

- Privacy policy for the use of Google Maps This site uses the Google Maps map service via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to provide you with interactive maps directly on our website. This makes it easier for you to use and navigate through the map functions.
When you visit our website, Google is informed that you have accessed the corresponding page of our website. The access data described above in this privacy policy will also be transmitted. This data transfer takes place regardless of whether you are logged in to Google or have a user account. If you are logged in to Google while visiting our website, this information can be directly assigned to your Google profile. To prevent this, you must log out of your Google account before using the Google Maps function.Google stores this data as usage profiles and uses it for advertising, market research and customised design purposes of its own services. You can find more information about Google's privacy policy at: http://www.google.de/intl/de/policies/privacy.
To ensure an appropriate level of data protection, Google has submitted to the Privacy Shield Agreement between the European Union and the USA and has been certified accordingly. Through this certification, Google undertakes to comply with the data protection standards and regulations of the European Union. Further details on this topic can be found at the following link: https://www.privacyshield.gov/EU-US-Framework . Our legitimate interest pursuant to Art. 6 para. 1 lit. f) of the GDPR in the integration of Google Maps is to offer you an improved user experience by integrating a clear and user-friendly map view.you can find more information on the handling of user data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/ .

7. Disclosure of data to other companies and other recipients

We disclose your personal data to service providers. This applies in particular to IT service providers, but may - where necessary - include analysis service providers, debt collection service providers, credit agencies, marketing service providers, etc. If these service providers process personal data as processors, they are obliged to process personal data exclusively in accordance with our instructions and to take data security measures. Data may then also be disclosed to other recipients, e.g. to courts and authorities in the context of legal proceedings.

In individual cases, we may also pass on personal data to other third parties for their own purposes, e.g. if you have given us your consent to do so or if we are legally obliged or authorised to do so.

8. Duration of data processing

We store and process your personal data for as long as is necessary for the purpose of processing (for data in connection with contracts, this is usually for the duration of the contractual relationship), as long as we have a legitimate interest in storing the data (e.g. to enforce legal claims or to ensure IT security) and as long as data is subject to a statutory retention obligation (for certain data, for example, a ten-year retention period applies, which we must comply with). We destroy or anonymise your personal data after the storage or processing period has expired, provided that no legal or contractual obligations prohibit this.

9. rights of data subjects

You have certain rights under applicable data protection law to obtain further information about our data processing and to influence it. These are in particular the following rights:

- You have a right to information. This means that you can request information about our data processing. We will be happy to provide you with this information. You can also submit a request for information if you would like further information and a copy of your data.
- You have a right to data portability. This means that you have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format or to have it transferred to a third party, provided that the corresponding data processing is based on your consent or is necessary for the fulfilment of the contract.
- You have the right to cancellation and objection. This means that you can object to our data processing so that we can no longer process your data. You can then request that we erase your personal data. However, we would like to point out that we will continue to process and store your data if we are obliged to do so.
- You have a right to rectification. This means that you can have incorrect or incomplete personal data corrected or completed or then have it marked with a so-called confirmation note.
- You have the right to cancellation. This means that you can withdraw your consent at any time, provided that you have previously given your consent for data processing. The revocation applies from this moment, i.e. only for the future and not for the past. However, we may continue to process your data on another basis if you withdraw your consent.

If you assert your rights as a data subject, we must verify your identity (e.g. by sending you a copy of your ID). The listed data subject rights are then subject to legal requirements and restrictions. This means that it is not always possible to exercise your rights in full. For example, we must continue to process your personal data in order to fulfil a contract with you, to protect our own legitimate interests or to comply with legal obligations. To the extent permitted by law (e.g. to protect the privacy of third parties and to protect our own legitimate interests, such as the existence of business secrets), we may restrict or refuse to exercise your rights. It should also be noted that you also have the option of contacting the responsible data protection authority with your concerns.

10. status of the privacy policy

This privacy policy is up to date and dated 30.07.2024.

© Christian Fischbacher Bed & Bath AG, 2025. All rights reserved.