top of page

Imprint & Privacy Policy

Imprint
 

Company information:
Noëmi Thum Consulting GmbH
Bahnhofstrasse 34
8854 Siebnen, Switzerland

UID: CHE-375.171.621

Commercial Register entry:
Schwyz
 

Support:
Noëmi Thum
E-Mail: info@noemithum.com
 

EU dispute resolution:
The European Commission provides a platform for online dispute resolution (ODR), which you can find at http://ec.europa.eu/consumers/odr . Noëmi Thum Consulting GmbH is not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.

Privacy Policy


 

With this privacy policy, I provide information about the processing of personal data in connection with my activities and operations, including my website under the domain name www.noemithum.com. In particular, I provide information on why, how and where I process which personal data. I also provide information about the rights of persons whose data I process.

I may publish additional privacy statements or other privacy information for individual or additional activities and operations.


1.    Contact details

Responsibility for processing personal data:

Noëmi Thum
Bahnhofstrasse 34
8854 Siebnen

hallo@noemithum.com

In some cases, third parties may be responsible for processing personal data, or there may be joint responsibility with third parties.

 


2.    Terms and legal information

2.1   Terms

Data subject: Natural person about whom I process personal data.

 

Personal data: Any information relating to an identified or identifiable individual.

 

Sensitive personal data: Data concerning trade union, political, religious or philosophical opinions and activities, data concerning health, life or membership of an ethnic or racial group, genetic data, biometric data that uniquely identifies a natural person, data concerning criminal or administrative sanctions or prosecutions and data concerning social assistance measures.

 

Processing: Any handling of personal data, regardless of the means and procedures used, such as querying, matching, adapting, archiving, storing, reading, disclosing, obtaining, collecting, recording, deleting, disclosing, arranging, organizing, storing, modifying, disseminating, interconnecting, destroying and using personal data.

2.2   Legal information
I process personal data in accordance with Swiss data protection legislation, in particular the Federal Data Protection Act (DSG) and the Data Protection Ordinance (DPO).



3.     Nature, scope and purpose of the processing of personal data

I process the personal data necessary to carry out my activities and operations in a sustainable, humane, secure and reliable manner. The personal data processed may fall into the following categories: browser and device data, content data, communication data, metadata, usage data, master data including inventory and contact data, location data, transaction data, contract data and payment data.

We also process personal data that we receive from third parties, that we obtain from publicly available sources, or that we collect in the course of our activities and operations, to the extent that such processing is permitted by law.

Where necessary, I process personal data with the consent of the data subject. In many cases, I may process personal data without consent, for example to comply with legal obligations or to protect overriding interests. I may also ask data subjects for their consent where their consent is not required.

I process personal data for as long as necessary for the purpose. I will anonymize or delete personal data, in particular in accordance with statutory retention and limitation periods.



4.    Bekanntgabe von Personendaten

Ich kann Personen­daten an Dritte bekanntgeben, durch Dritte bearbeiten lassen oder gemeinsam mit Dritten bearbeiten. Bei solchen Dritten handelt es sich insbesondere um spezialisierte Anbieter, deren Leistungen wir in Anspruch nehmen.

Ich kann Personen­daten beispielsweise an Banken und andere Finanz­dienstleister, Behörden, Bildungs- und Forschungs­einrichtungen, Berater und Rechtsanwälte, Interessen­vertretungen, IT-Dienstleister, Kooperations­partner, Kredit- und Wirtschaft­sauskunfteien, Logistik- und Versand­unternehmen, Marketing- und Werbe­agenturen, Medien, Organisationen und Verbände, soziale Einrichtungen, Telekommunikations­unternehmen und Versicherungen bekanntgeben.



5.    Communications

I process personal data in order to communicate with individuals as well as with authorities, organizations and companies. In particular, I process data that a data subject transmits to me when contacting me, for example by post or e-mail. I may store such information in an address book or similar tool.

Third parties who provide me with data about other individuals are required to independently ensure the privacy of those individuals. In particular, they must ensure that such data is accurate and may be transmitted.

I use selected services from appropriate providers to enable and improve communication with individuals and other communication partners. I may also use such services to manage and otherwise process the data of data subjects beyond direct communication.

In particular, I use

Wix CRM: Customer Relationship Management (CRM); Provider: Wix; Wix CRM specific information: Wix CRM.



6.    Data privacy

I take appropriate technical and organizational measures to ensure data security commensurate with the risk involved. In particular, my measures guarantee the confidentiality, availability, traceability and integrity of the processed personal data, without, however, being able to guarantee absolute data security.

The access to my website and my other online presence is carried out by means of transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated to HTTPS). Most browsers warn against visiting websites without transport encryption.

My digital communication - like all digital communication in general - is subject to mass surveillance without cause or suspicion by security authorities in Switzerland, the rest of Europe, the United States of America (USA) and other countries. I have no direct control over the processing of personal data by intelligence services, police forces and other security authorities. Nor can I rule out the possibility that a data subject may be subject to targeted surveillance.



7.    Personal data abroad

I usually process personal data in Switzerland. However, I may disclose or export personal data to other countries, in particular to process or have processed personal data there.

I may disclose personal data to all countries on earth and elsewhere in the universe, provided that the law there guarantees an adequate level of data protection in accordance with the decision of the Swiss Federal Council. I may disclose personal data to countries whose laws do not provide an adequate level of data protection, provided that an adequate level of data protection is otherwise ensured, in particular on the basis of standard data protection clauses or other appropriate guarantees. By way of exception, I may export personal data to countries without adequate or appropriate data protection if the special requirements under data protection law are met, such as the express consent of the data subjects or a direct connection with the conclusion or performance of a contract. Upon request, I will be happy to inform individuals about any warranties or provide a copy of the warranties.

 


8.    Data subject rights

8.1   Privacy claims

I grant data subjects all rights under applicable data protection laws. In particular, data subjects have the following rights

 

  • Information: Data subjects may request information as to whether I process personal data about them and, if so, what personal data is involved. Data subjects will also receive the information necessary to assert their data protection rights and to ensure transparency. This includes the processed personal data as such, but also information about the purpose of the processing, the duration of storage, any transfer or export of data to other countries, and the origin of the personal data.

  • Correction and restriction: Data subjects may have inaccurate personal data corrected, incomplete data completed, and the processing of their data restricted.

  • Erasure and objection: Data subjects may have personal data erased ("right to be forgotten") and object to the processing of their data with effect for the future.

  • Data disclosure and transfer: Data subjects may request the disclosure of personal data or the transfer of their data to another controller.

I may postpone, restrict or deny the exercise of data subjects' rights to the extent permitted by law. I may inform data subjects of any conditions that must be met in order to exercise their rights under data protection law. For example, I may refuse to provide information in whole or in part with reference to confidentiality obligations, overriding interests or the protection of others. For example, I may also refuse to delete personal data in whole or in part, in particular with reference to statutory retention obligations.

In exceptional cases, I may charge costs for exercising rights. I will inform the data subject in advance of any such costs.

I am required to take reasonable steps to identify data subjects who request information or assert other rights. Data subjects are required to cooperate.

8.2  Legal protection

Data subjects have the right to enforce their data protection rights through the courts or by lodging a complaint with a data protection authority.

The data protection supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

 


9.    Use of the site

9.1   Cookies

I may use cookies. Cookies - both my own cookies (first-party cookies) and cookies from third parties whose services I use (third-party cookies) - are data that are stored in the browser. Such stored data need not be limited to traditional text cookies.

Cookies can be stored in the browser temporarily as "session cookies" or for a certain period of time as so-called permanent cookies. Session cookies are automatically deleted when the browser is closed. Permanent cookies are stored for a specific period of time. In particular, cookies make it possible to recognize a browser the next time it visits our website and thus, for example, to measure the reach of my website. Persistent cookies can also be used for online marketing purposes.

Cookies can be completely or partially disabled and deleted at any time in the browser settings. Without cookies, my website may not be fully available. I actively request your express consent to the use of cookies - at least when and to the extent necessary.

For cookies that are used to measure success and reach or for advertising, a general opt-out is available for many services through AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).


9.2    Logging

I may log at least the following information for each access to my website and our other online presence, insofar as this information is transmitted to my digital infrastructure during such accesses Date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpage of my website accessed including the amount of data transferred, last website accessed in the same browser window (referrer).

I log this information, which may include personal information, in log files. The information is necessary to provide my online presence in a permanent, user-friendly and reliable manner. The information is also needed to ensure data security - even by third parties or with the help of third parties.

 

9.3    Tracking pixel

I can integrate tracking pixels into my website. Web beacons are also known as tracking pixels. Tracking pixels - including those from third parties whose services I use - are typically small, invisible images or scripts written in JavaScript that are automatically retrieved when my site is accessed. Web beacons can be used to collect at least the same information as log files.

9.4    Comments

I allow you to post comments on my website. In particular, I process the information that a commenting person sends to me, as well as the IP address used and the date and time. This information is necessary to enable the publication of comments and to ensure protection against misuse, which is in my overriding legitimate interest.

 


10.    Notifications and messages

10.1.  Measurement of success and reach

Alerts and Messages may contain web beacons or tracking pixels that record whether an individual message was opened and which web beacons were clicked. Such web beacons and tracking pixels may also record usage of Alerts and Messages on an individual basis. I need this statistical tracking of usage to measure success and reach in order to deliver notifications and messages in an effective, human-friendly, persistent, secure and reliable manner based on the needs and reading habits of the recipients.

10.2.  Opting in and opting out

You must always consent to the use of your email address and other contact information, unless the use is permitted for other legal reasons. I can use the "double opt-in" process to get double-confirmed consent. In this case, you will receive a message with double opt-in instructions. I may log any consent I receive, including the IP address and timestamp, for evidence and security purposes.

You may at any time object to receiving notifications and communications such as newsletters. With such an objection, you can also object to the statistical recording of usage to measure success and reach. Necessary notifications and communications in connection with my activities and operations remain reserved.

 

10.3  Service Provider for notifications and messages

I send notifications and messages using specialized service providers.

 

In particular, I use

ActiveCampaign: Marketing automation platform, especially for email marketing; Service provider: ActiveCampaign LLC (USA); Privacy Information: Privacy Policy.

Manychat: Chatbot and instant messaging platform; Provider: Manychat Inc; Privacy Information: Privacy Policy, Privacy & Security at Manychat.



11.    Social Media

I am present on social media platforms and other online platforms to communicate with interested parties and to provide information about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland.

The general terms and conditions and terms of use as well as data protection declarations and other provisions of the individual operators of such platforms also apply in each case. In particular, these provisions provide information about the rights of data subjects directly vis-à-vis the respective platform, including, for example, the right to information.



12.    Third-party services

I use the services of specialized third parties to conduct my activities and operations in a sustainable, humane, secure and reliable manner. Among other things, I may use such services to embed features and content into my website. In the case of such embedding, the services used collect the IP addresses of users at least temporarily for technically compelling reasons.

For necessary security-related, statistical and technical purposes, third parties whose services I use may process data in connection with my activities and operations in aggregated, anonymized or pseudonymized form. This includes, for example, performance or usage data in order to be able to offer the respective service.

I use in particular:

 

12. 1  Digital infrastructure

I use the services of specialized third parties to provide the necessary digital infrastructure in connection with my activities and operations. This includes, for example, hosting and storage services from selected providers.

In particular, I use


12. 2  Automation and integration of applications and services

I use specialized platforms to integrate and connect existing third-party applications and services. I can also use such "no-code" platforms to automate processes and activities with third-party applications and services.

 

In particular, I use

12.3  Scheduling

I use the services of specialized third parties to arrange online appointments, such as meetings. In addition to this Privacy Policy, any directly visible terms and conditions of the services used, such as terms of use or privacy policies, also apply.

 

In particular, I use

12.4   Audio and video conferencing

I use specialized audio and video conferencing services to communicate online. For example, I may use them to hold virtual meetings or conduct online classes and webinars. When I participate in audio and video conferences, I am also subject to the legal notices of those services, such as privacy policies and terms of service.

Depending on your life situation, we recommend that you mute your microphone by default and blur or display a virtual background when participating in audio and video conferences.

 

I particularly use

12.5   Online collaboration

I use third-party services to enable online collaboration. In addition to this Privacy Policy, any directly visible terms and conditions of the services I use, such as terms of use or privacy policies, also apply.

 

I use in particular

12.6 Social media features and content

I use third-party services and plugins to embed social media features and content and to enable content sharing on social media platforms and in other ways.

 

In particular, I use

 

12.7   Digital content

I use the services of specialized third parties to integrate digital content into my website. Digital content includes, but is not limited to, images, video, music, and podcasts.

 

In particular, I use

12.8   Dokumente

I use third-party services to integrate documents into my website. Such documents can include PDF files, presentations, spreadsheets, and text documents. This allows me to not only view, but also edit or comment on such documents.

 

In particular, I use

12.9.  E-Commerce

I operate an e-commerce business and use third party services to successfully offer services, content or goods.

 

In particular, I use

Wix eCommerce: e-commerce platform; Provider: Wix; Wix eCommerce specific information: "About Wix Stores", "Selling with Wix".

12.10 Payments

I use specialized service providers to process payments securely and reliably. The legal texts of the individual service providers, such as general terms and conditions or privacy statements, also apply to the processing of payments.

 

In particular, I use

12.11  Werbung

I use the ability to display targeted advertising on third parties such as social media platforms and search engines for our activities and operations.

 

In particular, I would like to use such advertising to reach people who are already interested in or might be interested in our activities and operations (remarketing and targeting). In order to do this, I may share the relevant information - including personal information where appropriate - with third parties who enable such advertising. I may also determine whether our advertising is successful, in particular whether it results in visits to our website (conversion tracking).

Third parties with whom I advertise and where you are logged in as a user may be able to associate your use of my website with your profile there.

I use in particular:


13.    Measurement of success and reach

I try to measure the success and reach of my activities and operations. In this context, I may also measure the impact of third-party links or check how different parts or versions of my online offering are used (A/B testing method). Based on the results of the performance and reach measurements, I may correct errors, strengthen popular content or make improvements.

 

In most cases, the IP addresses of individual users are tracked to measure success and reach. In this case, IP addresses are generally shortened ("IP masking") in order to comply with the principle of data minimization through appropriate pseudonymization.

 

Cookies may be used to measure success and reach, and user profiles may be created. Any user profiles that may be created include, for example, the individual pages visited or content viewed on my website, information about the size of the screen or browser window, and the - at least approximate - location. As a matter of principle, any user profiles are created exclusively in pseudonymized form and are not used to identify individual users. Individual third-party services with which users are registered may be able to assign the use of my online offer to the user account or user profile of the respective service.

I use in particular:

Google Marketing Platform: Measuring success and reach, especially with Google Analytics; Provider: Google; Google Marketing Platform specific information: Measurement also across different browsers and devices (cross-device tracking) with pseudonymized IP addresses, which are only transmitted in full to Google in the USA in exceptional cases, Privacy Policy for Google Analytics, "Browser add-on to disable Google Analytics".



14.    Final note on privacy policy

I have created this privacy policy using Datenschutzpartner's privacy policy generator.

I may update this privacy policy at any time. I will provide notice of updates in a reasonable manner, including by posting the current privacy policy on my website.

bottom of page