With the following information, we would like to give you an overview of how we process your personal data and your rights under data protection law.
Articles 4 et seqq. of the Federal Act on Data Protection (FADP) form the basis for processing personal data in Switzerland. To the extent that such processing falls within the scope of the EU General Data Protection Regulation (GDPR), Art. 6(1)(a) – (c) GDPR provide the legal basis for processing personal data. Where processing is necessary to safeguard a legitimate interest of SV (Switzerland) Ltd or of a third party and your interests and fundamental rights do not outweigh such legitimate interest, Art. 13 FADP and Art. 6 (1)(f) GDPR serve as the legal basis.
This service (hereinafter “App”) is provided by SV (Switzerland) Ltd, Wallisellenstrasse 57, 8600 Dübendorf, e-mail: datenschutz_CH@sv-group.ch, (hereinafter “We” or “Us”) as a data controller within the meaning of the applicable data protection law. Further details about us can also be found in the Legal Notice.
Within the App, after registration and validation, we will enable you to select and purchase products via an Emil Fröhlich refrigerator (hereinafter “Emil”) positioned within Bluetooth range.
When you use the App, we process personal data about you. Personal data means any information relating to an identified or identifiable natural person. Because it is important to us to protect your privacy when using the App, we would like to inform you about which personal data we process when you use the App and how we handle it. We will also inform you of the legal basis for processing your data and, insofar as processing is necessary to safeguard our legitimate interests, also of our legitimate interests.
Certain information is processed automatically as soon as you use the App. We have listed for you below which specific personal data are processed:
When downloading the App, certain necessary information is transmitted to the App Store selected by you (e.g. Google Play or Apple App Store); in particular, the user name, e-mail address, the customer number of your account, the time of download, payment information and the individual device identifier can be processed. This data is processed exclusively by the respective App Store and is outside our sphere of influence.
As part of your use of the App, we automatically collect certain data necessary to use the App. This includes, but is not limited to the internal device ID, version of your operating system, time of access.
These data will be automatically transmitted to us (1) to provide you with the service and the associated functions; (2) to improve the functions and performance features of the App; and (3) to prevent and eliminate misuse and malfunctions. This data processing is justified by the fact that (1) the processing is necessary to perform the contract between you as a data subject and us pursuant to Art. 13 (2)(a) FADP or Art. 6 (1)(b) GDPR in order to use the App, or (2) we have a legitimate interest in being able to guarantee the functionality and error-free operation of the App and to offer a market-friendly and interest-friendly service that outweighs your rights and interests in protecting your personal data within the meaning of Art. 13 (1) FADP or Art. 6 (1)(f) GDPR.
We create a profile for each customer who registers with us, i.e., password-protected direct access to your user data stored with us. You can manage your data here. If you wish to create such a profile or log in, you must share some data without which the profile cannot be created (“Mandatory Information”). The following data must be provided when registering:
- E-mail address
- First and last names
- Means of payment
The name and email address are absolutely necessary in order to identify you as a contracting partner and to be able to provide you with optimal offerings. You must provide the means of payment so that it can be stored for purchases and used to process the purchases. We provide you with further information through your email address and generally use it to communicate with you.
This data processing is justified by the fact that (1) the processing is necessary to perform the contract between you as a data subject and us pursuant to Art. 13 (2)(a) FADP or Art. 6 (1)(b) GDPR in order to use the App, or (2) we have a legitimate interest in being able to guarantee the functionality and error-free operation of the App that outweighs your rights and interests in protecting your personal data within the meaning of Art. 13 (1) FADP or Art. 6 (1)(f) GDPR. Moreover, you consent to this data processing by entering your data for the aforementioned purposes (Art. 13 (1) FADP or Art. 6 (1)(a) GDPR).
Within the App, you can enter, manage and process various information, tasks and activities. This information includes, but is not limited to, your dietary preferences (filter settings), your consumer behaviour when selecting and purchasing your products, and location data to provide the Emil Fröhlich offerings in your vicinity. You can consult the history of your purchases. You can also report problems to us and communicate with us to resolve them. In addition to the data you entered during registration for the stated purposes, we process data for the following purposes when the App is used:
Data about you: When the App is used, we first process all data that you provide to us during registration or through subsequent changes in order to be able to use the App and its functions. This includes, but is not limited to, the following data about you: identification numbers of your technical devices, the user data entered by you (e.g. name, email address and telephone number), the filter settings selected by you and information about the means of payment used by you.
We process these data sets in order to be able to perform the contract with you and/or process a request from you in connection with performing the contract, for technical administration, to perform our services, to communicate with you in connection with performing the contract (Art. 13 (2)(a) FADP or Art. 6 (1)(b) GDPR), but also for the purposes of a legitimate interest (Art. 13 (1) FADP or Art. 6 (1) (f) GDPR) in order to promote and offer our services to you (more information in this regard in the next sub-point, “Data on customer’s activity”).
Data on customer’s activity: we also receive information about your purchasing habits and preferences from your purchases and the compilation of these over time (“My Purchases”). This includes, but is not limited to, the following data: purchase date, place, time, type, quantity and value of the purchased products, means of payment used. The purchase history is intended to give you the opportunity to understand your purchases and compare them with the payments made. In addition, this history may help you remembering foods that you have particularly enjoyed.
We use your information to understand and constantly improve your purchasing experience and to design it for you in a customer-friendly and individual manner, to communicate with you about your orders as well as about certain products or marketing campaigns, and to recommend products and services that may interest you. In this regard, we have a legitimate interest within the meaning of Art. 13 (1) FADP or Art. 6 (1)(f) GDPR and are convinced that your interests in protecting your data do not preclude them.
During use of the App, we also receive information about the terminal device you use, your connection to the internet, the operating system, and information we receive from you (including information transmitted or generated automatically). We also process this information in order to optimize the App and adapt it to your needs and purchasing experiences. Your customer behaviour may also be analysed and your data processed for advertising and marketing purposes within the scope of a legitimate interest (Art. 13 (1) FADP or Art. 6 (1)(f) GDPR).
You may object to the use of your personal data for advertising purposes at any time, either in general or for individual measures (see also Clause 7.6).
Location data: Depending on your App settings and the authorization settings of your device, SV (Switzerland) Ltd may also collect information on your precise or approximate location based on data such as GPS, IP address, Bluetooth and Wi-Fi. In any case, in order to open a refrigerator, a Bluetooth connection is necessary at least temporarily. In this respect, the App requests a corresponding authorization for Bluetooth access and location clearance in the course of purchase processing.
This data will be processed and used for the purpose of providing the service. This data processing is justified by the fact that the processing is necessary to perform the contract between you as a data subject and us pursuant to Art. 13 (2)(a) FADP or Art. 6 (1)(b) GDPR in order to use the App, but in any case there is a legitimate interest on our part in such data processing pursuant to Art. 13 (1) FADP or Art. 6 (1)(f) GDPR.
No cookies are used in our app.
The App uses Google Analytics, a web analytics service of Google Inc. (“Google”). The information generated about your use of this App is generally transferred to a Google server in the USA and stored there. Google will use this information on behalf of the operator of this App to evaluate your use of the App, compile reports about App activities and provide additional services related to App use and internet usage to the App operator.
We use Google Analytics to analyse and regularly improve the use of our app. The statistics we obtain allow us to improve our offering and make it more interesting for you as a user. The legal basis for use of Google Analytics is Art. 6 (1) (f) GDPR and Art. 13 (1) FADP.
Google processes your data in the USA and has subjected itself to the EU_US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.
Whenever our app is accessed, your mobile device transfers certain user data to us for technical reasons and stores it in log files. This involves the following usage data: date and time of App use; IP address of your mobile device; quantity of data transferred; and name and version of your mobile device. This data processing is carried out in order to perform our contract with you (Art. 13 (2)(a) FADP or Art. 6 (1)(b) GDPR), but also for the purposes of a legitimate interest (Art. 13 (1) FADP or Art. 6 (1)(f) GDPR).
The evaluation of the log files also helps us to further improve our app, make it more user-friendly, detect and correct errors faster and manage server capacity. Using the log files, we can determine, for example, the time at which using our app is particularly popular and make corresponding data volume available to ensure you the best possible user experience. This data processing is performed in accordance with Articles 13 (1) FADP or Art. 6 (1)(f) GDPR.
When processing a purchase, a credit check is carried out by our payment processing partner to ensure that the purchase agreement can be properly performed (Art. 13(2)(a) FADP or Art. 6 (1)(b) GDPR). This is done via the company Six Payment Services. For the details of data processing in this context, we refer to our supplier’s Privacy Statement, which you can access here: https://www.six-payment-services.com/de/services/legal/privacy-statement.html
Any disclosure of personal data is justified by our legitimate interest in disclosing the data within our corporate group for administrative purposes and for purposes of customer support and care, and by the fact that your rights and interests in protecting your personal data within the meaning of Art. 13 (1) FADP or Art. 6 (1)(f) GDPR do not outweigh our interest.
Where necessary to investigate illegal or abusive use of the App or to pursue legal proceedings, personal data will be forwarded to law enforcement authorities or other authorities and, where applicable, to injured third parties or to legal advisers. This will only happen, however, if there are indications of unlawful or abusive conduct. Disclosure may also take place for the purpose of enforcing the terms and conditions of use or other legal claims. We are also legally obliged to provide information to certain public authorities upon request. These include criminal prosecution authorities, law enforcement agencies prosecuting administrative offenses, and tax authorities.
Any disclosure of personal data is justified by the fact that (1) the processing is necessary in order to comply with a legal obligation that we are subject to pursuant to Art. 13 (1) FADP or Article 6 (1)(f) GDPR in conjunction with national legal requirements for disclosure of data to law enforcement agencies, or (2) we have a legitimate interest in disclosing the data to the specified third parties in case of indications of abusive behaviour or to enforce our terms and conditions of use, other terms, or legal claims, and your rights and interests in the protection of your personal data within the meaning of Art. 13 (1) FADP or Art. 6 (1)(f) GDPR do not outweigh our interests.
We rely on contractually affiliated external service providers to provide our service, e.g. providing the software, processing payment transactions for us or organizing marketing measures for us.
Any disclosure of personal data to such service providers, possibly also in foreign countries, is justified by the fact that we have carefully selected, regularly reviewed and contractually obliged our third-party contractors and external service providers as commissioned data processors under Art. 28 (1) GDPR to process all personal data exclusively in accordance with our instructions.
In this context, it may also become necessary to transmit your data into the USA in order to provide our services.
Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our corporate form to economic and legal circumstances where necessary and that your rights and interests in protecting your personal data within the meaning of Art. 13 (1) FADP or Art. 6 (1)(f) GDPR do not outweigh our interests.
We also process data in countries outside the EU and the European Economic area (“EEA”), in particular in Switzerland and the USA.
According to the decision of the European Commission of 26 July 2000 (OJ No. EC 2000 L 215, 1), Switzerland has an adequate level of data protection. This decision is also applicable until further notice after the entry into force of the GDPR (Art. 45 (9) GDPR).
Your personal data is only processed for purposes other than those described above to the extent permitted by law or if you have consented to the modified purpose of the data processing. In case of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.
We have technical and organisational security procedures in place to protect the security of your personal data and to protect your user session data and personal data against unauthorised or unlawful processing and/or against accidental loss, alteration, publication or access. However, you should always be aware that the transmission of information via the Internet and other electronic means poses certain security risks and that we cannot assume any guarantee for the security of the information transmitted in this way.
We delete or anonymise your personal data as soon as it is no longer necessary for the purposes for which we collected or used it in accordance with the foregoing paragraphs and no statutory retention obligations preclude deletion. If the data is needed for a longer period for criminal prosecution or for securing, asserting or enforcing legal claims, it will be processed until such purposes are achieved and then deleted after expiration of any statutory retention periods.
As a user of this offer, you have, inter alia, a comprehensive right to information about, correction, deletion and restriction of your stored data at all times. More specifically, you can exercise the following rights; please address any corresponding request to the contact addresses set out below.
Pursuant to Art. 4 FADP or Art. 7 (3) GDPR, you have the right to revoke any consent once granted to us at any time. This means that in the future, we will no longer be permitted to carry out the data processing which was based on this consent. This may mean that you can no longer use our services.
You have the right to obtain from us information about the personal data concerning you that we process at any time upon request within the scope of Art. 8 FADP or Art. 15 GDPR. To this end, you can submit a request by post or by e-mail to the address indicated below.
Pursuant to Art. 5 FADP and Art. 16 GDPR, you have the right to demand that we correct your personal data promptly, should they be incorrect.
You have the right, under the conditions described in Art. 5 FADP or Art. 17 GDPR to ask us to delete the personal data concerning you. These requirements provide, in particular, for a right to deletion where the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of an obligation to delete under European Union or Swiss law.
You have the right to require us to restrict processing. This right exists particularly when the accuracy of the personal data is disputed between you and us, for the period required to verify accuracy, and in case you require limited processing instead of deletion in the case of an existing right to deletion; furthermore, when the data is no longer necessary for the purposes we pursue, but you require it to assert, exercise or defend legal claims, as well as if the successful exercise of an objection between you and us is still disputed.
You have the right to receive from us the personal data about you that you have provided to us in a structured, commonly used, machine-readable format in accordance with Art. 8 FADP or Art. 20 GDPR.
If the data processing falls within the scope of the GDPR, you have the right to object according to Art. 21 GDPR at any time to the processing of your personal data based, among other things, on Art. 6 (1) (e) or (f) GDPR for reasons arising from your particular situation. We will no longer process your personal data unless we can demonstrate compelling legitimate reasons for such processing that outweigh your own interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
In cases where we process your personal data for direct marketing purposes, you have the right to object to processing for advertising purposes at any time and without restriction, including for profiling measures, insofar as they relate to such direct marketing.
If our data processing is subject to the GDPR, you also have the right under Art. 77 GDPR to complain to the competent supervisory authority if you believe that the processing of your personal data violates the European Data Protection Regulation or national law.
However, we recommend you to contact us in advance as data controller. This often allows many questions to be resolved without the intervention of the supervisory authority.
If you have any questions or comments about our handling of your personal data or if you would like to exercise the rights set out in points 6 and 7 as a data subject, please contact:
Our representative in the European Union (Art. 27 GDPR):
Thomas Brodinger, Thomas.Brodinger@sv-group.at
Version of March 2021
Alles was wir machen, machen wir, damit wir unsere Kunden und deren Mitarbeiter*innen fröhlich machen.
EMIL Fröhlich, Gründer & Visionär