Privacy policy

Last updated in September 2024

With this Privacy Policy, we inform you about which personal data we process in connection with our activities and operations, including our http://www.aiconic-verve.com/ website. We specifically inform you about why, how, and where we process personal data. We also inform you about the rights of individuals whose data we process.

For individual or additional activities and operations, other privacy policies and legal documents such as General Terms and Conditions (GTC), Terms of Use, or Participation Terms may apply.

We are subject to Swiss data protection law as well as, where applicable, foreign data protection law, especially that of the European Union (EU) with the European General Data Protection Regulation (GDPR).

The European Commission recognized in its decision of July 26, 2000 that Swiss data protection law ensures an adequate level of protection. In a report dated January 15, 2024, the European Commission confirmed this adequacy decision.

1. Contact Addresses

Responsible for the processing of personal data:

Arlen Goldmeer Slewa
Arlen Goldmeer Slewa, c/o
Anna Marta Slewa
Weststrasse 118
8408 Winterthur
Switzerland

info@arlen-goldmeer.ch

In individual cases, there may be other persons responsible for processing personal data or joint responsibility with at least one other responsible party.

2. Terms and Legal Basis

2.1 Terms

Personal data refers to any information relating to an identified or identifiable natural person.

Particularly sensitive personal data includes data about union membership, political, religious, or philosophical views and activities, data about health, privacy, ethnicity or race, genetic data, biometric data that uniquely identifies a natural person, data about criminal and administrative sanctions or prosecutions, and data about social assistance measures.

Processing encompasses any handling of personal data, regardless of the means and methods used, such as querying, matching, adjusting, archiving, retaining, reading out, disclosing, acquiring, recording, collecting, deleting, revealing, sorting, organizing, storing, altering, disseminating, linking, destroying, and using personal data.

An affected person is a natural person whose personal data we process.

The European Economic Area (EEA) includes the Member States of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway.

The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data and the processing of particularly sensitive personal data as the processing of special categories of personal data (Art. 9 GDPR).

2.2 Legal Basis

We process personal data in accordance with Swiss data protection law, particularly the Federal Act on Data Protection (Data Protection Act, DPA) and the Ordinance on Data Protection (Data Protection Ordinance, DPO).

We process personal data – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – according to at least one of the following legal bases:

  • Art. 6(1)(b) GDPR for the necessary processing of personal data to fulfill a contract with the affected person as well as to carry out pre-contractual measures.
  • Art. 6(1)(f) GDPR for the necessary processing of personal data to safeguard our legitimate interests or those of third parties, provided that the fundamental rights and freedoms as well as the interests of the affected person do not outweigh them. Legitimate interests include, in particular, our interest in being able to conduct our activities and operations in a continuous, user-friendly, secure, and reliable manner, as well as to communicate about them, ensure information security, protect against misuse, enforce our own legal claims, and comply with Swiss law.
  • Art. 6(1)(c) GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under the applicable law of member states within the European Economic Area (EEA).
  • Art. 6(1)(e) GDPR for the necessary processing of personal data to perform a task that is in the public interest.
  • Art. 6(1)(a) GDPR for the processing of personal data with the consent of the affected person.
  • Art. 6(1)(d) GDPR for the necessary processing of personal data to protect the vital interests of the affected person or another natural person.

3. Type, Scope, and Purpose

We process the personal data that is necessary to conduct our activities and operations in a continuous, user-friendly, secure, and reliable manner. Such personal data may fall into categories such as inventory and contact data, browser and device data, content data, meta or peripheral data, usage data, location data, sales data, and contract and payment data.

We process personal data for the duration necessary for the respective purpose(s) or as required by law. Personal data that is no longer required for processing will be anonymized or deleted.

We may have personal data processed by third parties. We may process personal data jointly with third parties or transfer it to third parties. Such third parties are in particular specialized providers whose services we use. We ensure data protection is upheld by these third parties as well.

We generally process personal data only with the consent of the affected individuals. If and to the extent that processing is permissible on other legal grounds, we may forgo obtaining consent. For example, we may process personal data without consent to fulfill a contract, comply with legal obligations, or protect overriding interests.

We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect during the course of our activities and operations, provided and to the extent that such processing is legally permissible.

4. Communication

We process personal data to be able to communicate with third parties. In this context, we particularly process data that an affected person provides when contacting us, for example, via postal mail or email. We may store such data in an address book or similar tools.

Third parties who transmit data about other individuals are obligated to ensure data protection concerning those affected individuals. This includes ensuring the accuracy of the transmitted personal data.

We use selected services from appropriate providers to improve our communication with third parties.

In particular, we use:

5. Data Security

We take appropriate technical and organizational measures to ensure a level of data security appropriate to the respective risk. With our measures, we particularly ensure the confidentiality, availability, traceability, and integrity of the personal data we process, though we cannot guarantee absolute data security.

Access to our website and our other online presence is secured through transport encryption (SSL / TLS, particularly with Hypertext Transfer Protocol Secure, abbreviated as HTTPS). Most browsers warn against visiting websites without transport encryption.

Our digital communication is subject to – as is generally all digital communication – mass surveillance without cause and suspicion by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We have no direct influence over the corresponding processing of personal data by intelligence agencies, police, and other security authorities. We also cannot rule out that individual affected persons may be specifically monitored.

6. Personal Data Abroad

We generally process personal data in Switzerland and the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, particularly to process it there or have it processed.

We may export personal data to any state and territory on Earth as well as elsewhere in the universe, provided that the local law ensures adequate data protection according to a decision by the Swiss Federal Council and – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – according to a decision by the European Commission ensuring adequate data protection.

We may transfer personal data to countries whose laws do not ensure adequate data protection, provided that data protection is guaranteed for other reasons, particularly based on standard data protection clauses or other suitable guarantees. In exceptional cases, we may export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, such as the explicit consent of the affected persons or a direct connection with the conclusion or execution of a contract. We are happy to provide affected persons with information on any guarantees or provide a copy of any guarantees upon request.

7. Rights of Affected Persons

7.1 Data Protection Claims

We grant affected persons all claims in accordance with the applicable data protection law. Affected persons have, in particular, the following rights:

  • Access: Affected persons can request information on whether we process personal data about them, and if so, which personal data is involved. Affected persons also receive the information necessary to assert their data protection claims and to ensure transparency. This includes the processed personal data itself, but also, among other things, information on the purpose of processing, the retention period, any disclosure or export of data to other countries, and the source of the personal data.
  • Correction and Restriction: Affected persons can have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.
  • Deletion and Objection: Affected persons can have personal data deleted ("right to be forgotten") and object to the processing of their data with effect for the future.
  • Data Release and Data Transfer: Affected persons can request the release of personal data or the transfer of their data to another responsible party.

We may delay, restrict, or deny the exercise of the rights of affected persons within the legally permissible framework. We may inform affected persons of any conditions that need to be met for the exercise of their data protection claims. For example, we may deny access in whole or in part by referring to trade secrets or the protection of other individuals. We may also refuse the deletion of personal data in whole or in part by referring to legal retention obligations.

In exceptional cases, we may impose costs for the exercise of rights. We will inform affected persons in advance of any potential costs.

We are required to take appropriate measures to identify affected persons who request information or assert other rights. Affected persons are required to cooperate.

7.2 Legal Protection

Affected persons have the right to assert their data protection claims through legal channels or to file a complaint with a competent data protection supervisory authority.

The data protection supervisory authority for complaints by affected persons against private entities and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

European data protection supervisory authorities for complaints by affected persons – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – are organized as members of the European Data Protection Board (EDPB). In some member states of the European Economic Area (EEA), the data protection supervisory authorities are federally structured, particularly in Germany.

8. Use of the Website

8.1 Cookies

We may use cookies. Cookies – whether our own (first-party cookies) or those from third parties whose services we use (third-party cookies) – are data stored in the browser. Such stored data is not necessarily limited to traditional text-based cookies.

Cookies can be stored temporarily in the browser as "session cookies" or for a specific period as so-called permanent cookies. "Session cookies" are automatically deleted when the browser is closed. Permanent cookies have a specified storage duration. Cookies, in particular, allow a browser to be recognized on the next visit to our website, which can be used, for example, to measure the reach of our website. Permanent cookies can also be used for online marketing.

Cookies can be partially or completely disabled and deleted at any time in the browser settings. Without cookies, our website may no longer be fully available. We actively seek explicit consent for the use of cookies – at least if and to the extent necessary.

For cookies used for success and reach measurement or for advertising, a general opt-out for many services is possible through AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

8.2 Logging

We may log at least the following information for each access to our website and our other online presence, provided this information is transmitted to our digital infrastructure: date and time including time zone, IP address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-pages of our website accessed including the amount of data transmitted, and the last website accessed in the same browser window (referrer).

We log such information, which may also constitute personal data, in log files. This information is necessary to provide our online presence in a continuous, user-friendly, and reliable manner. The information is also necessary to ensure data security – including through third parties or with the help of third parties.

8.3 Tracking Pixels

We may incorporate tracking pixels into our online presence. Tracking pixels are also known as web beacons. Tracking pixels – including those from third parties whose services we use – are usually small, invisible images or JavaScript scripts that are automatically retrieved when accessing our online presence. With tracking pixels, at least the same information as in log files can be captured.

9. Notifications and Communications

We send notifications and communications via email and other communication channels, such as instant messaging or SMS.

9.1 Success and Reach Measurement

Notifications and communications may contain web links or tracking pixels that track whether a particular message was opened and which web links were clicked. Such web links and tracking pixels can also capture the usage of notifications and communications on a personal basis. We require this statistical tracking of usage for success and reach measurement to ensure that notifications and communications are sent effectively and user-friendly, as well as securely and reliably, according to the needs and reading habits of the recipients.

9.2 Consent and Objection

You must generally consent to the use of your email address and other contact details unless their use is permitted on other legal grounds. We may use the "double opt-in" procedure to obtain double-confirmed consent if necessary. In this case, you will receive a message with instructions for double confirmation. We may log the consents obtained, including the IP address and timestamp, for proof and security reasons.

You may generally object to receiving notifications and communications, such as newsletters, at any time. By doing so, you can also object to the statistical tracking of usage for success and reach measurement. Necessary notifications and communications related to our activities and operations are exempt from this objection.

9.3 Service Providers for Notifications and Communications

We send notifications and communications with the help of specialized service providers.

In particular, we use:

10. Social Media

We are present on social media platforms and other online platforms to communicate with interested parties and provide information about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland and the European Economic Area (EEA).

The General Terms and Conditions (GTC) and Terms of Use as well as privacy policies and other provisions of the individual operators of such platforms also apply. These provisions inform, in particular, about the rights of affected persons directly vis-à-vis the respective platform, which includes, for example, the right to access.

For our social media presence on Facebook, including the so-called Page Insights, we are – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – jointly responsible with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta companies (including in the USA). Page Insights provide insights into how visitors interact with our Facebook presence. We use Page Insights to make our social media presence on Facebook effective and user-friendly.

Further information about the type, scope, and purpose of data processing, information on the rights of affected persons, as well as contact details for Facebook and Facebook's data protection officer, can be found in the Facebook Privacy Policy. We have entered into the so-called "Controller Addendum" with Facebook, agreeing in particular that Facebook is responsible for ensuring the rights of affected persons. For the so-called Page Insights, the corresponding information can be found on the "Page Insights Information" page, including "Information about Page Insights Data".

11. Services from Third Parties

We use services from specialized third parties to conduct our activities and operations in a continuous, user-friendly, secure, and reliable manner. With such services, we can, among other things, embed functions and content into our website. When such embedding occurs, the services used may temporarily capture the IP addresses of users for technically mandatory reasons.

For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymized form. This includes, for example, performance or usage data required to provide the respective service.

In particular, we use:

11.1 Digital Infrastructure

We use services from specialized third parties to utilize the necessary digital infrastructure in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.

In particular, we use:

11.2 Automation and Integration of Apps and Services

We use specialized platforms to integrate and connect existing apps and services from third parties. With such "No-Code" platforms, we can also automate processes and activities with third-party apps and services.

In particular, we use:

11.3 Audio and Video Conferences

We use specialized services for audio and video conferences to enable online communication. This allows us to hold virtual meetings or conduct online classes and webinars. The legal texts of the individual services, such as privacy policies and terms of use, apply in addition to participation in audio and video conferences.

Depending on your situation, we recommend muting the microphone by default and blurring the background or using a virtual background when participating in audio or video conferences.

In particular, we use:

11.4 Social Media Features and Social Media Content

We use services and plugins from third parties to embed features and content from social media platforms and to enable the sharing of content on social media platforms and other channels.

In particular, we use:

11.5 Digital Audio and Video Content

We use services from specialized third parties to enable the direct playback of digital audio and video content, such as music or podcasts.

In particular, we use:

11.6 E-Commerce

We operate e-commerce and use services from third parties to successfully offer services, content, or goods.

In particular, we use:

  • Shopify: E-commerce platform for online stores; Providers: Shopify Inc. (Canada) for online stores in Canada and the USA / Shopify Commerce Singapore Pte. Ltd. (Singapore) for online stores in the Asia-Pacific region / Shopify International Limited (Ireland) for online stores in Europe and the rest of the world; Information on data protection: Privacy Policy, "Privacy Policy for Consumers", "Security".

11.7 Payments

We use specialized service providers to securely and reliably process payments from our customers. The legal texts of the individual service providers, such as General Terms and Conditions (GTC) or privacy policies, apply in addition to the processing of payments.

In particular, we use:

11.8 Advertising

We use the opportunity to display targeted advertisements on third-party platforms such as social media platforms and search engines to promote our activities and operations.

With such advertising, we aim to reach individuals who are already interested in our activities and operations or who might be interested in them (Remarketing and Targeting). To achieve this, we may transmit relevant – possibly also personal – data to third parties who enable such advertising. We can also determine whether our advertising is successful, meaning whether it leads to visits to our website (Conversion Tracking).

Third parties on whose platforms we advertise and where you are registered as a user may potentially associate the use of our website with your profile on those platforms.

In particular, we use:

12. Website Extensions

We use extensions for our website to enable additional functionalities. We may use selected services from appropriate providers or use such extensions on our own digital infrastructure.

In particular, we use:

  • Google reCAPTCHA: Spam protection (distinguishing between desired content from humans and unwanted content from bots and spam); Provider: Google; Google reCAPTCHA-specific information: "What is reCAPTCHA?".

13. Success and Reach Measurement

We attempt to determine how our online offering is used. In this context, we can measure, for example, the success and reach of our activities and operations, as well as the impact of third-party links to our website. We may also experiment with and compare how different parts or versions of our online offering are used ("A/B testing" method). Based on the results of success and reach measurement, we can correct errors, strengthen popular content, or make improvements to our online offering.

For success and reach measurement, the IP addresses of individual users are generally stored. In this case, IP addresses are generally shortened ("IP masking") to follow the principle of data minimization through appropriate pseudonymization.

Cookies may be used for success and reach measurement, and user profiles may be created. Any user profiles created may include, for example, the individual pages visited or content viewed on our website, information about the size of the screen or browser window, and the – at least approximate – location. Generally, any user profiles created are pseudonymized and not used to identify individual users. Certain third-party services where users are registered may be able to associate the use of our online offering with the user account or profile on the respective service.

In particular, we use:

14. Final Provisions

We created this Privacy Policy using the Privacy Policy Generator from Datenschutzpartner.

We may adjust and supplement this Privacy Policy at any time. We will inform you of such adjustments and additions in an appropriate manner, particularly by publishing the current Privacy Policy on our website.