Privacy Policy
Introduction
We are very pleased about your interest in our company. Data protection is of particularly high importance to the management of bigfile.ch. Use of the bigfile.ch website is generally possible without providing any personal data. However, if a data subject wishes to use special services provided by our company via our website, the processing of personal data may become necessary. Where the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection provisions applicable to bigfile.ch. By means of this privacy policy, we inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed of the rights to which they are entitled.
As the controller responsible for processing, bigfile.ch has implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed through this website. Nevertheless, internet-based data transmissions may in principle have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us through alternative means, for example by telephone.
1. Definitions
The privacy policy of bigfile.ch is based on the terminology used by the European legislator when adopting the GDPR. Our privacy policy is intended to be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we explain the terminology used in advance.
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). A natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
d) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting its processing in the future.
e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that person’s job performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
f) Pseudonymization
Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for processing
Controller or controller responsible for processing means the natural or legal person, public authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
h) Processor
Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
i) Recipient
Recipient means a natural or legal person, public authority, agency, or other body to which personal data is disclosed, regardless of whether it is a third party or not.
j) Third party
Third party means a natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
k) Consent
Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
2. Name and Address of the Controller
Controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union, and other provisions of a data protection nature is:
bigfile.ch
Seehaldenstrasse 28
9404 Rorschacherberg
Switzerland
Email: info@bigfile.ch
Website: bigfile.ch
3. Cookies
The bigfile.ch website uses cookies. Cookies are text files that are placed and stored on a computer system via an internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can assign the specific internet browser in which the cookie was stored. This enables visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain other cookies.
By using cookies, bigfile.ch can provide users of this website with more user-friendly services that would not be possible without the setting of cookies.
The data subject may, at any time, prevent the setting of cookies by our website by means of a corresponding setting in the internet browser used and may thus permanently object to the setting of cookies. Furthermore, cookies already set may be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the internet browser used, not all functions of our website may be fully usable.
4. Collection of General Data and Information (Server Log Files)
The bigfile.ch website collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The following may be collected:
browser types and versions used
operating system used
referrer URL
subpages accessed
date and time of access
IP address
internet service provider
other similar data and information used for security purposes
When using this general data and information, bigfile.ch does not draw any conclusions about the data subject. Rather, this information is needed to correctly deliver content, optimize content and advertising, ensure the long-term functionality and security of our systems, and provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack. The anonymously collected data is statistically evaluated and also used to increase data protection and data security.
5. Contact Option via the Website
The website of bigfile.ch contains information required by law that enables rapid electronic contact with our company as well as direct communication with us, including an email address. If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data voluntarily transmitted by a data subject is stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties.
6. Routine Erasure and Blocking of Personal Data
The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this has been provided for by the European legislator or another legislator in laws or regulations to which the controller is subject.
If the storage purpose no longer applies or if a storage period prescribed by law expires, the personal data will be routinely blocked or erased in accordance with the statutory provisions.
7. Rights of the Data Subject
In particular, you have the following rights under the GDPR:
a) Right to confirmation – information as to whether personal data is being processed.
b) Right of access – free information about stored personal data and a copy of this information.
c) Right to rectification – correction of inaccurate data and completion of incomplete data.
d) Right to erasure (“right to be forgotten”).
e) Right to restriction of processing.
f) Right to data portability.
g) Right to object.
h) Automated individual decision-making, including profiling.
i) Right to withdraw consent.
You may contact us at any time to exercise your rights.
8. Data Protection Provisions on the Use of Google AdSense
The controller has integrated Google AdSense on this website. Google AdSense is an online service that allows advertisements to be placed on third-party sites. Google AdSense is based on an algorithm that selects the ads displayed on third-party websites to match the content of the respective third-party site. Google AdSense allows interest-based targeting of internet users, which is implemented by generating individual user profiles.
The operating company of the Google AdSense component is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
The purpose of the Google AdSense component is the integration of advertisements on our website. Google AdSense places a cookie on the data subject’s information technology system. Each time an individual page on which a Google AdSense component has been integrated is accessed, the internet browser on the data subject’s system is automatically prompted to transmit data for the purpose of online advertising and commission billing. Within the scope of this technical process, personal data such as the IP address may be processed.
Google AdSense also uses so-called tracking pixels (small graphics), which enable statistical analysis. Through Google AdSense, personal data and information, including the IP address, may be transferred to, stored, and processed in the United States of America. Google may under certain circumstances pass this data on to third parties.
Further information: Google AdSense
9. Data Protection Provisions on the Use of Google Analytics (with Anonymization Function)
The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analytics service.
The operating company of the Google Analytics component is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.
For web analysis via Google Analytics, the controller uses the addition “_gat._anonymizeIp”. This shortens and anonymizes the IP address of the internet connection of the data subject if access originates from a member state of the EU or EEA.
Google Analytics places a cookie. This enables Google to analyze the use of our website. Personal data such as the IP address may be transferred to, stored, and processed in the United States of America. Google may under certain circumstances pass this data on to third parties.
Objection / Opt-Out: Browser add-on at https://tools.google.com/dlpage/gaoptout
Further information: Google Privacy Policy and Google Analytics Terms
10. Legal Basis for Processing
Art. 6(1)(a) GDPR serves as the legal basis for our company for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract, the processing is based on Art. 6(1)(b) GDPR. The same applies to processing operations required to carry out pre-contractual measures. If our company is subject to a legal obligation, the processing is based on Art. 6(1)(c) GDPR. In rare cases, the processing may be based on Art. 6(1)(d) GDPR (vital interests). Finally, processing operations may be based on Art. 6(1)(f) GDPR (legitimate interest), provided that the interests, fundamental rights, and freedoms of the data subject do not override them.
11. Legitimate Interests in Processing
Where the processing of personal data is based on Art. 6(1)(f) GDPR, our legitimate interest is the conduct of our business operations for the well-being of all our employees and shareholders.
12. Period for Which Personal Data Is Stored
The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of that period, the corresponding data is routinely deleted, provided it is no longer required for the fulfillment or initiation of a contract.
13. Statutory or Contractual Requirements for the Provision of Personal Data
We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual provisions. In some cases, it may be necessary for the conclusion of a contract that a data subject provides us with personal data that must subsequently be processed by us. Failure to provide such personal data would mean that the contract could not be concluded. Before providing personal data, the data subject may contact us to receive information about whether the provision of personal data is required and what consequences non-provision would have.
14. Existence of Automated Decision-Making
As a responsible company, we do not use automated decision-making or profiling.