Binzstrasse 23
CH-8045 Zürich
+41 43 243 95 93
contact@floid.ch
Monday – Friday
09:00 – 18:00
CHE-110.547.772
CHE-110.547.772MWST
With this privacy policy, we inform you about which personal data we process in connection with our activities and operations, including our floid.ch website. We specifically inform you about why, how, and where we process which personal data. We also inform you about the rights of individuals whose data we process.
For individual or additional activities and operations, further privacy policies as well as other legal documents such as general terms and conditions (GTC), terms of use, or participation conditions may apply.
Responsibility for the processing of personal data:
Floid AG
Binzstrasse 23
CH-8045 Zurich
In individual cases, there may be other persons responsible for processing personal data or joint responsibility with at least one other responsible person.
Personal data are all information relating to a specific or identifiable natural person.
Particularly sensitive personal data are data concerning union membership, political, religious, or philosophical views and activities, data on health, intimate sphere, or racial or ethnic origin, genetic data, biometric data uniquely identifying a natural person, data on criminal and administrative sanctions or prosecutions, and data on social assistance measures.
Processing encompasses any handling of personal data, regardless of the means and procedures used, such as querying, matching, adapting, archiving, storing, reading out, disclosing, acquiring, recording, collecting, deleting, revealing, ordering, organizing, storing, changing, spreading, linking, destroying, and using personal data.
A data subject is a natural person whose personal data we process.
We process personal data in accordance with Swiss data protection law, especially the Federal Act on Data Protection (Data Protection Act, DPA) and the Data Protection Ordinance (DPO).
We process those personal data that are necessary to be able to carry out our activities and operations in a permanent, user-friendly, secure, and reliable manner. Such personal data can fall into categories like inventory and contact data, browser and device data, content data, meta or edge data, usage data, location data, sales data, and contract and payment data.
We process personal data for the period necessary for the respective purpose(s) or as required by law. Personal data that are no longer necessary will be anonymized or deleted.
We can have personal data processed by third parties. We can process personal data together with third parties or transfer them to third parties. Such third parties are in particular specialized providers whose services we use. We ensure data protection also with such third parties.
We process personal data primarily with the consent of the data subjects. As far as and to the extent that the processing is permissible for other legal reasons, we can dispense with obtaining consent. For example, we can process personal data without consent to fulfill a contract, to comply with legal obligations, or to safeguard overriding interests.
We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, provided such processing is legally permissible.
We process personal data to be able to communicate with third parties. In this context, we particularly process data that a data subject transmits when contacting us, for example, by letter or email. We can store such data in an address book or with comparable tools.
Third parties transmitting data about other persons are obliged to ensure data protection for such affected persons. Among other things, the accuracy of the transmitted personal data must be ensured.
We process personal data about applicants as far as necessary to assess their suitability for an employment relationship or to carry out a subsequent employment contract. The required personal data are particularly derived from the requested information, for example, within the context of a job advertisement. We can publish job advertisements with the help of suitable third parties, for example, in electronic and printed media or on job portals and job platforms.
We also process personal data that applicants voluntarily provide or publish, particularly as part of cover letters, CVs, other application documents, and online profiles.
We can allow applicants to store their data in our talent pool so that we can consider them for future job openings. We can also use such data to maintain contact and provide information about news. If we believe an applicant is suitable for an open position based on the information provided, we can inform the applicant accordingly.
We use selected services from suitable third parties to advertise jobs through e-recruitment and to facilitate and manage applications.
We specifically use:
We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. With our measures, we particularly ensure the confidentiality, availability, traceability, and integrity of the processed personal data, without, however, being able to guarantee absolute data security.
Access to our website and our other online presence is via transport encryption (SSL / TLS, particularly with the Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers mark transport encryption with a small padlock in the address bar.
Our digital communication is subject – like generally any digital communication – to mass surveillance without cause and suspicion by security authorities in Switzerland, in the rest of Europe, in the United States of America (USA), and in other countries. We cannot directly influence the corresponding processing of personal data by intelligence agencies, police stations, and other security authorities. We also cannot rule out that individual data subjects may be specifically monitored.
We process personal data primarily in Switzerland. However, we can disclose or export personal data to other countries, particularly to process them there or have them processed.
We can disclose personal data to all countries and territories on Earth as well as elsewhere in the Universe, provided the law there ensures adequate data protection according to the decision of the Swiss Federal Council.
We can disclose personal data to countries whose law does not ensure adequate data protection if suitable data protection is ensured for other reasons, particularly based on standard data protection clauses or other appropriate safeguards. Exceptionally, we can export personal data to countries without adequate or suitable data protection if the special data protection legal requirements are met, such as the explicit consent of the data subjects or a direct connection with the conclusion or execution of a contract. We are happy to provide information about any safeguards or provide a copy of guarantees upon request.
We grant data subjects all claims under applicable data protection law. Data subjects, in particular, have the following rights:
We can defer, restrict, or refuse the exercise of the rights of data subjects to the extent legally permissible. We can inform data subjects about any conditions that must be met to exercise their data protection claims. For example, we can refuse information with reference to business secrets or the protection of other persons, either wholly or partially. We can also refuse the deletion of personal data wholly or partially, citing legal retention obligations.
We can provide for costs for exercising rights exceptionally. We inform data subjects about any costs in advance.
We are obliged to identify data subjects who request information or assert other rights with reasonable measures. Data subjects are required to cooperate.
Data subjects have the right to enforce their data protection claims through legal means or to file a complaint with a competent data protection supervisory authority.
The data protection supervisory authority for complaints by data subjects against private responsible parties and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
We may use cookies. Cookies – our own cookies (first-party cookies) and third-party cookies whose services we use (third-party cookies) – are data stored in the browser. Such stored data do not necessarily have to be limited to traditional text-form cookies.
Cookies can be stored temporarily in the browser as “session cookies” or for a specific period as so-called permanent cookies. “Session cookies” are automatically deleted when the browser is closed. Permanent cookies have a specific storage period. Cookies allow a browser to be recognized on the next visit to our website, for example, to measure the reach of our website. However, permanent cookies can also be used, for example, for online marketing.
Cookies can be disabled or deleted at any time in the browser settings. Without cookies, our website may no longer be fully available. We request active consent for the use of cookies, at least insofar as and to the extent required.
For cookies used for performance and reach measurement or advertising, a general objection (“opt-out”) is possible for many services via the AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
We can log at least the following data for every access to our website and our other online presence, provided these are transmitted to our digital infrastructure: Date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including data volume transmitted, last website accessed in the same browser window (referrer).
We log such data, which may also constitute personal data, in log files. The data are necessary to provide our online presence permanently, user-friendly, and reliably. The data are also necessary to ensure data security – even by third parties or with the help of third parties.
We can embed tracking pixels in our online presence. Tracking pixels are also referred to as web beacons. Tracking pixels – also from third parties whose services we use – are usually small, invisible images or JavaScript scripts that are automatically retrieved when accessing our online presence. With tracking pixels, at least the same data as in log files can be recorded.
We send notifications and communications by email and other communication channels such as instant messaging or SMS.
Notifications and communications may contain web links or tracking pixels that record whether an individual message was opened and which web links were clicked. Such web links and tracking pixels can also capture the use of notifications and communications on a personal basis. We need this statistical recording of usage for performance and reach measurement to send notifications and communications effectively and user-friendly, based on the needs and reading habits of the recipients, as well as permanently, securely, and reliably.
You must generally consent to the use of your email address and other contact addresses, unless the use is permissible for other legal reasons. For obtaining double-confirmed consent, we may use the “double opt-in” procedure. In this case, you will receive a message with instructions for double confirmation. We can log obtained consents, including IP address and timestamp, for proof and security reasons.
You can generally object to receiving notifications and communications such as newsletters at any time. With such an objection, you can also object to the statistical recording of usage for performance and reach measurement. Required notifications and communications related to our activities and operations are exempt.
We are present on social media platforms and other online platforms to communicate with interested persons and inform them about our activities and operations. Personal data may also be processed outside Switzerland in connection with such platforms.
The general terms and conditions (GTC) and terms of use, as well as privacy policies and other provisions of the respective operators of such platforms, also apply. These provisions particularly inform about the rights of data subjects directly towards the respective platform, such as the right to information.
We use services from specialized third parties to carry out our activities and operations permanently, user-friendly, securely, and reliably. With such services, we can, among other things, embed functions and content into our website. In such cases, the services used must temporarily collect the IP addresses of users for technical reasons.
For necessary security-related, statistical, and technical purposes, third parties whose services we use can aggregate, anonymize, or pseudonymize data related to our activities and operations. This includes, for example, performance or usage data to provide the respective service.
We specifically use:
We use services from specialized third parties to access the required digital infrastructure in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.
We specifically use:
We use the possibility to display targeted advertising with third parties such as social media platforms and search engines for our activities and operations.
We aim to reach people who are already interested in our activities and operations or who might be interested (remarketing and targeting). For this, we can transmit corresponding – possibly also personal – data to third parties that enable such advertising. We can also determine if our advertising is successful, i.e., whether it leads to visits to our website (conversion tracking).
Third parties, where we advertise and where you are logged in as a user, can possibly assign the use of our website to your profile there.
We specifically use:
We use extensions for our website to access additional functions. We can use selected services from suitable providers or use such extensions on our own digital infrastructure.
We specifically use:
We try to determine how our online offering is used. In this context, we can measure the success and reach of our activities and operations as well as the impact of third-party links to our website. We can also experiment and compare how different parts or versions of our online offering are used (“A/B testing” method). Based on the results of success and reach measurement, we can fix errors, strengthen popular content, or make improvements to our online offering.
For success and reach measurement, the IP addresses of individual users are usually stored. IP addresses are generally shortened (“IP masking”) in this case to follow the principle of data minimization through corresponding pseudonymization.
Cookies and user profiles may be used for success and reach measurement. Any created user profiles include, for example, the individual pages visited or content viewed on our website, information on screen size or browser window size, and the – at least approximate – location. Generally, any user profiles created are only pseudonymized and not used to identify individual users. Individual services from third parties where users are logged in can possibly assign the use of our online offering to the user account or user profile at the respective service.
We specifically use:
We can adjust and supplement this privacy policy at any time. We will inform about such adjustments and supplements in an appropriate form, especially by publishing the current privacy policy on our website.