Data protection declaration

The responsible body in terms of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

SAM global association
Lighthouse Battambang
Wolfensbergstrasse 47
8400 Winterthur

E-mail: lh.battambang@gmail.com
Website: https://lighthousebattambang.org/

 

General notice

Based on Article 13 of the Swiss Federal Constitution and the federal data protection regulations (Data Protection Act, DSG), every person has the right to protection of their privacy as well as protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.

In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorized access, loss, misuse or falsification.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

By using this website, you consent to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. Data such as pages accessed or names of files accessed, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address are collected as far as possible on a voluntary basis. No data will be passed on to third parties without your consent.

In case of discrepancies with the German version, the German version shall prevail.

 

Processing of personal data

Personal data is any information that relates to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.

We process personal data in accordance with Swiss data protection law. In addition, we process – to the extent and insofar as the EU-DSGVO is applicable – personal data in accordance with the following legal bases in connection with Art. 6 para. 1 DSGVO:

  • Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO) – The data subject has given his/her consent to the processing of personal data concerning him/her for a specific purpose or purposes.
  • Contractual performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b. DSGVO) – The processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the request of the data subject.
  • Legal obligation (Art. 6 para. 1 p. 1 lit. c. DSGVO) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Protection of vital interests (Art. 6 para. 1 p. 1 lit. d. DSGVO) – Processing is necessary to protect the vital interests of the data subject or another natural person.
  • Rightful interests (Art. 6 para. 1 p. 1 lit. f. DSGVO) – Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
  • Application procedure as a pre-contractual or contractual relationship (Art. 9 (2) lit. b DSGVO) – Insofar as, in the context of the application procedure, special categories of personal data within the meaning of Art. 9 (1) DSGVO (eg. Health data, such as severely disabled status or ethnic origin) are requested from applicants so that the controller or the data subject can exercise the rights accruing to him or her under labor law and social security and social protection law and comply with his or her obligations in this regard, their processing is carried out in accordance with Art. 9 para 2 lit. b. DSGVO, in case of protection of vital interests of the applicants or other persons according to Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the employee’s ability to work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. DSGVO. In the case of a communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. DSGVO.

We process personal data for the duration required for the respective purpose or purposes. In the case of longer-term retention obligations due to legal and other obligations to which we are subject, we restrict the processing accordingly.

 

Relevant legal basis

In accordance with Art. 13 DSGVO, we inform you of the legal bases of our data processing. If the legal basis is not mentioned in the privacy statement, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing for the performance of our services and implementation of contractual measures and responding to inquiries is Art. 6(1)(b) DSGVO, the legal basis for processing for the performance of our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing for the protection of our legitimate interests is Art. 6(1)(f) DSGVO. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) lit. d DSGVO serves as the legal basis.

 

Security measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects’ rights, the deletion of data, and responses to data compromise. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software as well as procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

 

Transfer of personal data

In the course of our processing of personal data, it happens that the data is transferred to other bodies, companies, legally independent organizational units or persons or that it is disclosed to them. Recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.

 

Data processing in third countries

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, entities or companies, this will only be done in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we process data only in third countries with a recognized level of data protection, contractual obligation by so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection rules (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

 

Privacy Policy for Cookies

This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. The primary purpose of a cookie is to store information about a user during or after their visit within an online site. Stored information may include, for example, language settings on a website, login status, a shopping cart, or where a video was watched. The term cookies also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also referred to as “user IDs”).

The following cookie types and functions are distinguished:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
  • Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for range measurement or marketing purposes can be stored in such a cookie.
  • First-party cookies: First-party cookies are set by ourselves.
  • Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
  • Necessary (also: essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to store logins or other user inputs or for security reasons).
  • Statistics, marketing and personalization cookies: Furthermore, cookies are usually also used in the context of range measurement and when a user’s interests or behavior (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also referred to as “tracking”, i.e., tracking the potential interests of users. Insofar as we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or in the context of obtaining consent.

Notes on legal bases: The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is your declared consent. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests (e.g. in the business operation of our online offer and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.

Storage period: Unless we provide you with explicit information on the storage period of permanent cookies (e.g. in the context of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out): depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke any consent you have given or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection by means of your browser settings, e.g. by deactivating the use of cookies (whereby this may also restrict the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be declared by means of a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can obtain further instructions on how to object in the context of the information on the service providers and cookies used.

Processing of cookie data based on consent: We use a cookie consent management procedure, in the context of which the consent of users to the use of cookies, or the processing and providers mentioned in the cookie consent management procedure can be obtained and managed and revoked by users. Here, the declaration of consent is stored in order not to have to repeat its query and to be able to prove the consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or with the help of comparable technologies), in order to be able to assign the consent to a user or their device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. Here, a pseudonymous user identifier is formed and stored with the time of consent, information on the scope of consent (e.g. which categories of cookies and/or service providers) as well as the browser, system and end device used.

  • Types of data processed: Usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).

Privacy Policy for SSL/TLS Encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

 

Data protection statement for server log files

The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of server request

This data cannot be assigned to specific persons. A combination of this data with other data sources is not made. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

 

Third Party Services

This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam and YouTube for embedding videos.

These services of the American Google LLC use, among other things, cookies and, as a result, data is transferred to Google in the USA, although we assume that no personal tracking takes place in this context solely through the use of our website.

Google has undertaken to ensure adequate data protection in accordance with the US-European and the US-Swiss Privacy Shield.

Further information can be found in the privacy policy of Google.

 

Privacy policy for contact form

If you send us inquiries via contact form, your information from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

 

Data protection statement for newsletter data

If you would like to receive the newsletter offered on this website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data will not be collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe link” in the newsletter.

 

Rights of persons concerned

Right to confirmation.

Every data subject has the right to request confirmation from the website operator as to whether personal data concerning him or her are being processed. If you wish to exercise this right of confirmation, you may, at any time, contact the Data Protection Officer.

 

Right to information.

Any person with personal data affected by the processing has the right to receive information about the personal data stored about him or her and a copy of this information from the operator of this website free of charge at any time. Furthermore, information may be provided about the following information, if applicable:

  • the categories of personal data that are processed
  • the recipients to whom the personal data have been or will be disclosed
  • If possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
  • the existence of a right to obtain the rectification or erasure of personal data concerning them, or the restriction of processing by the controller, or a right to object to such processing
  • the existence of a right of appeal to a supervisory authority
  • if the personal data are not collected from the data subject: All available information about the origin of the data

Furthermore, the data subject shall have the right to obtain information as to whether personal data have been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.

If you wish to exercise this right to information, you can contact our data protection officer at any time.

 

Right of rectification.

Every person affected by the processing of personal data has the right to demand that inaccurate personal data concerning him or her be corrected without delay. Furthermore, the data subject has the right to request the completion of incomplete personal data – also by means of a supplementary declaration – taking into account the purposes of the processing.

If you would like to exercise this right of correction, you can contact our data protection officer at any time.

 

Right to erasure (right to be forgotten)

Any person concerned by the processing of personal data has the right to obtain from the controller of this website the immediate erasure of personal data concerning him or her, where one of the following reasons applies and insofar as the processing is not necessary:

  • The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary
  • The data subject withdraws the consent on which the processing was based and there is no other legal basis for the processing
  • The data subject objects to processing on grounds relating to his or her particular situation and there are no overriding legitimate grounds for the processing, or the data subject objects to processing in the case of direct marketing and related profiling
  • The personal data have been processed unlawfully
  • The deletion of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject
  • The personal data was collected in relation to offered information society services made directly to a child

If one of the above reasons applies and you wish to arrange for the deletion of personal data stored by the operator of this website, you can contact our data protection officer at any time. The data protection officer of this website will arrange for the deletion request to be complied with immediately.

 

Right to restriction of processing.

Any person concerned by the processing of personal data has the right to obtain from the controller of this website the restriction of the processing if one of the following conditions is met:

  • The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data
  • The processing is unlawful, the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data
  • The controller no longer needs the personal data for the purposes of processing, but the data subject needs it for the establishment, exercise or defense of legal claims
  • The data subject has objected to the processing on grounds relating to his or her particular situation, and it is not yet clear whether the legitimate interests of the controller override those of the data subject

If one of the above conditions is met, you can request the restriction of personal data stored by the operator of this website at any time by contacting our data protection officer. The data protection officer of this website will arrange the restriction of the processing.

 

Right to data portability.

Every person affected by the processing of personal data has the right to receive the personal data concerning him or her in a structured, common and machine-readable format. He or she also has the right to have this data transferred to another controller if the legal requirements are met.

Furthermore, the data subject has the right to obtain that the personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.

To assert the right to data portability, you can contact the data protection officer appointed by the operator of this website at any time.

 

Right of appeal.

Any person concerned by the processing of personal data has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her.

The operator of this website shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or if the processing serves the purpose of asserting, exercising or defending legal claims.

To exercise the right to object, you can contact the data protection officer of this website directly.

 

Right to revoke consent under data protection law.

Every person affected by the processing of personal data has the right to revoke a given consent to the processing of personal data at any time.

If you wish to exercise your right to withdraw consent, you can contact our data protection officer at any time.

 

Privacy Policy for Contradiction Advertising Mails

The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

 

Privacy policy for the use of Google Web Fonts

This website uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font is used by your computer.

For more information about Google Web Fonts, see https://developers.google.com/fonts/faq and Google’s privacy policy: https://www.google.com/policies/privacy/

 

Privacy Policy for Facebook

This website uses functions of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA . When you call up our pages with Facebook plug-ins, a connection is established between your browser and the Facebook servers. In the process, data is already transmitted to Facebook. If you have a Facebook account, this data can be linked to it. If you do not want this data to be associated with your Facebook account, please log out of Facebook before visiting our site. Interactions, in particular the use of a comment function or the clicking of a “Like” or “Share” button are also passed on to Facebook. You can learn more at https://de-de.facebook.com/about/privacy.

 

privacy policy for Instagram

Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.

For more information, please see Instagram’s privacy policy: http://instagram.com/about/legal/privacy/

 

Newsletter – Mailchimp

The newsletter is sent using the mailing service provider ‘MailChimp’, a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the privacy policy of the shipping service provider here. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield agreement, thereby providing a guarantee of compliance with the European level of data protection (PrivacyShield). The shipping service provider is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO and a contract processing agreement pursuant to Art. 28 para. 3 p. 1 DSGVO.

The dispatch service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

 

Privacy Policy for YouTube

Functions of the “YouTube” service are integrated on this website. “YouTube” is owned by Google Ireland Limited, a company incorporated and operated under the laws of Ireland, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which operates the services in the European Economic Area and Switzerland.

Your legal agreement with “YouTube” consists of the terms and conditions found at the following link: https://www.youtube.com/static?gl=de&template=terms&hl=en. These Terms constitute a legally binding agreement between you and “YouTube” regarding your use of the Services. Google’s Privacy Policy explains how “YouTube” treats and protects your personal information when you use the Service.

 

Note on data transfer to the USA

Among other things, tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

 

Copyrights

The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named copyright holders. For the reproduction of all files, the written consent of the copyright holder must be obtained in advance.

Anyone who commits a copyright infringement without the consent of the respective rights holder may be liable to prosecution and at most to damages.

 

General Disclaimer

All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors can not be completely excluded, so we can not guarantee the completeness, accuracy and timeliness of information, including journalistic-editorial nature. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.

The publisher may change or delete texts at his own discretion and without notice and is not obliged to update any contents of this website. The use of or access to this website is at the visitor’s own risk. The publisher, its clients or partners are not responsible for damages, such as direct, indirect, incidental, to be determined in advance or consequential damages, which are allegedly caused by the visit of this website and therefore assume no liability.

The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are exclusively responsible for their content. The publisher thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.

 

Changes

We may amend this privacy policy at any time without prior notice. The current version published on our website applies. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.

 

Questions to the Data Protection Officer

If you have any questions about data protection, please send us an e-mail.

 


Source: SwissAnwalt