Privacy Policy

  1. Privacy Policy of Freeways GmbH

    1. What this privacy policy is about 1
    2. Responsible for processing your data 2
    3. Who this privacy policy is aimed at 2
    4. Categories of data we process and how we obtain them 2
    5. Purposes for which your data is processed 5
    6. Basis on which we process your data 6
    7. Profiling and automated individual decisions 6
    8. Transfer of data to third parties 6
    9. Disclosure of data abroad 7
    10. Duration of processing your data 8
    11. Measures to protect your data 8
    12. What rights do you have? 8
    13. Use of cookies and other tracking technologies and analysis tools; integration of third-party services and content on our website 9
    14. Processing of your data on our social network pages 11
    15. Information for job applications and application procedures 11
    16. Can this privacy policy be changed? 12

  2. What this privacy policy is about

  3. Freeways GmbH (hereinafter also referred to as " we ", " us ") acquires and processes personal data that concerns you or other persons (so-called " third parties "). We use the term " data " here as synonymous with " personal data " or " personal data ". This refers to data that relates to a specific or identifiable person, i.e. conclusions about their identity can be drawn from the data itself or with corresponding additional data. In section 4 you will find information about the data that we process within the scope of this data protection declaration. "Processing" means any handling of personal data, e.g. obtaining, storing, using, adapting, disclosing and deleting.

    In this privacy policy we describe what we do with your data when you use [https://freeways.ch] (hereinafter the " Website "), purchase our services or products, otherwise contact us under a contract, communicate with us or otherwise deal with us. If necessary, we will inform you by timely written notice of additional processing activities not mentioned in this privacy policy. We may also inform you separately about the processing of your data, e.g. in contract terms or additional privacy statements.

    If you send us or disclose data about other people (e.g. as part of shipping instructions), we assume that you are authorized to do so and that this data is correct and you confirm this by transmitting such data. In this case, you must ensure that the respective third parties have been informed about this data protection declaration.

    This privacy policy is based on the requirements of the European General Data Protection Regulation (“ GDPR ”) and the Swiss Data Protection Act (“ DSG ”). However, whether and to what extent the GDPR and DSG are applicable depends on the specific individual case.

  4. Responsible for processing your data

  5. Freeways GmbH, based in Schindellegi, Switzerland, is responsible for the data processing described in this data protection declaration, unless otherwise communicated in individual cases.

    You can contact us for your data protection concerns and to exercise your rights under section 12 as follows:

    Freeways GmbH
     Chaltenbodenstrasse 6A
     8834 Schindellegi

    Email: contact@freeways.ch


  6. Who this privacy policy is addressed to

  7. This privacy policy applies to all persons whose data we process (hereinafter referred to as " you "). It applies in particular to the following categories of persons:

    • Visitors to our website,
    • Users of our services,
    • People who write to us or contact us in any other way,
    • Recipients of marketing communications and other information,
    • Contractual partners and service providers,
    • People who apply for a job with us.
  8. Categories of data we process and how we obtain them

  9. We process different categories of data about you. The main categories are as follows:

    • Technical data : When you visit our website, we collect the IP address of your device and other technical data (such as the operating system of your device, date, region and time of use, browser type) to ensure the functionality and security of the website. This also includes logs in which the use of our systems is recorded. We generally store technical data for [24] months. To ensure the functionality of these offers, we can also assign you or your device an individual code (e.g. in the form of a cookie, see section 13). As part of user accounts, registrations or the processing of contracts, this data can be linked to other data categories (and thus possibly to you personally).
    • Registration data : Certain offers and services (e.g. login areas of our website, orders, newsletter dispatch) can only be used with a user account or registration [which is done directly with us / via our external login service providers]. You must provide us with certain data and we collect data about the use of the offer or service. This includes in particular user name, password, name and email address. We generally retain registration data for [36] months after the end of use of the service or the cancellation of the user account.
    • Communication data : If you contact us via the contact form, by email, telephone, letter or other means of communication, we record the data exchanged between you and us, including your contact details and the peripheral data of the communication. This can include in particular your name and contact details, the type and time of the respective communication and the content of the communication. If we want or need to establish your identity, we collect data that we need to identify you (e.g. a copy of an ID card). We usually keep this data for [3] months from the last exchange with you. This period may be longer if necessary for reasons of proof or to comply with legal or contractual requirements or if specified by the respective technical infrastructure. Emails in personal mailboxes and written correspondence are usually kept for at least [10] years.
    • Master data : Master data is the basic data that we require in addition to the contract data (see below) for the processing of our contractual and other business relationships or for marketing and advertising purposes. This includes your name, contact details (address, email address, telephone number, etc.) and further information, e.g. about your role and function, as well as your bank details, date of birth, gender, nationality, customer history, payment details (e.g. your bank details, credit card details or account details), powers of attorney, signature authorizations and declarations of consent. We process your master data if you are a customer or other business contact or work for one (e.g. as a contact person for a business partner), or because we want to contact you for our own purposes or the purposes of a contractual partner (e.g. in the context of marketing and advertising). We can receive master data from various sources: from you yourself (e.g. when making a purchase or as part of a registration), from places you work for, from third parties such as our contractual partners, from publicly accessible sources such as public registers or the Internet (websites, social media, etc.). Master data is not collected comprehensively for all contacts; the specific data we collect depends on the purpose of the respective processing. We generally keep this data for 10 years from the last exchange with you, but at least from the end of the contract. This period may be longer if necessary for reasons of evidence or to comply with legal or contractual requirements, or if it is specified by the respective technical infrastructure. For purely marketing and advertising contacts, the period is normally much shorter, usually no more than 10 years since the last contact.
    • Contract data is the data that arises in connection with the conclusion or processing of a contract. This includes, for example, information about contracts and the services to be provided or provided, the type and date of the conclusion of the contract, as well as data from the run-up to the conclusion of a contract (e.g. the application process), the information required or used for processing and information about reactions (e.g. information regarding invoicing, customer service or complaints). This also includes financial data such as creditworthiness information, reminders or debt collection. We usually collect this data from you, from contractual partners and from third parties involved in the processing of the contract, but also from third-party sources (e.g. providers of creditworthiness data) and from publicly accessible sources. We generally keep this data for [10] years from the last contract activity, but at least from the end of the contract. This period can be longer if this is necessary for reasons of evidence or to comply with legal or contractual requirements or is specified by the respective technical infrastructure.
    • Behavioral and preference data : Depending on the relationship we have with you, we try to get to know you and better tailor our products, services and offers to you. To do this, we collect and use data about your behavior and preferences. We do this by evaluating information about your behavior in our area, and we can also supplement this information with information from third parties - including from publicly accessible sources. Based on this, we can, for example, calculate the likelihood that you will use certain services or behave in a certain way. Some of the data processed for this purpose is already known to us (e.g. when you use our services), or we obtain this data by recording your behavior (e.g. how you navigate our website). We anonymize or delete this data when it is no longer meaningful for the purposes pursued, which can be between [ 52] weeks and [36] months depending on the type of data. This period can be longer if this is necessary for reasons of proof or to comply with legal or contractual requirements, or if it is specified by the respective technical infrastructure.
    • Other data : We may also collect data about you in other situations, e.g. in connection with official or legal proceedings (such as files, evidence, etc.). Finally, we collect and process data about our shareholders and other investors; in addition to master data, this includes information for the relevant registers, regarding the exercise of their rights and the holding of events (e.g. general meetings). The retention period for this data depends on the purpose and is limited to what is necessary. Data about you as a shareholder or other investor is retained in accordance with the requirements of company law, but in any case for as long as you are invested.

    As stated, you provide us with much of the data mentioned in this section 4 yourself. You are not obliged to do so except in individual cases. However, we can only provide you with certain services (such as concluding contracts or communicating) if you provide us with the data required for this purpose.

    Unless this is prohibited, we also obtain data from publicly accessible sources (e.g. debt collection registers, media or the Internet including social media) or receive data from authorities and other third parties (such as credit agencies, address dealers, contractual partners, etc.).

  10. Purposes for which your data is processed

  11. Below we explain the purposes for which we process your data. [tbd – references to sections 13 and 14] These purposes or the objectives underlying them represent legitimate interests of ours and, where applicable, of third parties. Further information on the legal basis for our processing can be found in section [•].

    We process your data to communicate with you , in particular to answer inquiries or when you assert your rights (see section 12) or to contact you if you have any questions. For this purpose, we use communication data and master data in particular. We store this data to document our communication with you, for training purposes, for quality assurance and for inquiries.

    We process your data for the establishment, administration and processing of contractual relationships . This includes in particular the processing for the administration of customer relationships and for the provision and demand of contractual services (possibly also with the involvement of third parties such as logistics companies, suppliers, manufacturers, banks, insurance companies, credit agencies, advertising service providers), but also customer service or the enforcement of legal claims (in particular debt collection or legal proceedings). For this purpose, we process in particular your master data, contract data, communication data and, if applicable, registration data.

    We process your data for marketing purposes and to maintain relationships , e.g. to send our customers and other contractual partners personalized advertising about our products and services and those of third parties. This can, for example, take the form of newsletters and other regular contacts (electronically, by post, by telephone), via other channels for which we have your contact information, but also as part of individual marketing campaigns (e.g. events, competitions, etc.) and also include free services (e.g. invitations, vouchers, etc.). You can reject such contacts at any time (see the end of this section 5) or refuse or revoke your consent to be contacted for advertising purposes. With your consent, we can target our online advertising on the Internet more specifically at you (see section 13). Finally, we also want to enable our contractual partners to contact our customers and other contractual partners for advertising purposes (see section [●]).

    We will continue to process your data for market research, to improve our services and operations, and for product development.

    We may also process your data for security purposes .

    We process personal data to comply with laws, instructions and recommendations from authorities and internal regulations (“ Compliance ”).

    We also process data for the purposes of our risk management and as part of prudent corporate governance , including business organization and corporate development.

    We may process your data for other purposes , e.g. as part of our internal procedures and administration or for training and quality assurance purposes.

  12. Basis on which we process your data

  13. If we ask for your consent for certain processing , we will inform you separately about the corresponding purposes of the processing. You can revoke your consent in writing at any time with effect for the future; you can find our contact details in section [•]. [tbd - if applicable, explanations on revocation for tracking in accordance with section 13] As soon as we have received notification of the revocation of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. Revoking your consent does not affect the legality of the processing carried out up to that point on the basis of the consent.

    Unless we ask for your consent to process your data, our processing of your personal data is based on the fact that the processing is necessary for the initiation or execution of a contract with you (or the entity you represent) or that we or third parties have a legitimate interest in doing so, in particular in order to pursue the purposes and associated objectives described above under point [•] and to be able to take appropriate measures. Our legitimate interests also include compliance with statutory provisions , insofar as these are not already recognized as a legal basis by the applicable data protection law (e.g. in the case of the GDPR, the law in the EEA and Switzerland). [tbd - This also includes the marketing of our products and services, the interest in better understanding our markets and in managing and developing our company, including its operations, safely and efficiently.]

    We may also process your data based on other legal bases, e.g. in the event of disputes due to the need to process the data for a possible legal process or to enforce or defend against legal claims . In individual cases, other legal grounds may apply, which we will communicate to you separately if necessary.

  14. Transfer of data to third parties

  15. In connection with our contracts, the website, our services and products, our legal obligations or otherwise to protect our legitimate interests and the other purposes listed in section [•], we also transmit your personal data to third parties, in particular to the following categories of recipients:

    • [Group companies: tbd]
    • Service providers : We work with service providers in Germany and abroad who process data about you on our behalf or under joint responsibility with us, or who receive data about you from us under their own responsibility (e.g. IT providers, shipping companies, advertising service providers, login service providers, cleaning companies, security companies, banks, insurance companies, debt collection companies, credit agencies, or address checkers). This may also include health data. For the service providers used for the website, see section 13. The service providers named below are central to us; under the links provided you will find information on how these service providers handle data:
       [•]
    • Contractual partners including customers: This primarily refers to our customers and other contractual partners. If you work for such a contractual partner yourself, we can also transmit data about you to them in this context. This may also include health data. The recipients also include contractual partners with whom we cooperate [or who advertise for us and to whom we therefore transmit data about you for analysis and marketing purposes. We require these partners to only send you advertising or display advertising based on your data if you have consented to this (for the online area, see section 13).] The cooperation partners named below are central to us; under the links provided you will find information on how these cooperation partners handle data [tbd - reference to online advertising contractual partners in section 13]:
      [•]
    • Authorities : We may pass on personal data to offices, courts and other authorities at home and abroad if we are legally obliged or authorized to do so or if this appears necessary to protect our interests (e.g. to protect property, other rights or interests or our security, that of our customers or third parties). This may also include health data. The authorities process data about you that they receive from us under their own responsibility.
    • Other persons : This refers to other cases where the involvement of third parties arises from the purposes set out in point [•], e.g. third party payment recipients, third parties also in the context of representative relationships (e.g. consultants), persons involved in proceedings.

    The above categories of recipients may in turn involve third parties, which may also make your data accessible to them. We cannot always restrict processing by such third parties (e.g. authorities).

    [We also allow certain third parties to collect personal data from you on our website and on our own occasions (e.g. media photographers, providers of tools that we have integrated into our website, etc.). To the extent that we are not significantly involved in this data collection, these third parties are solely responsible for it. If you have any concerns or wish to assert your data protection rights, please contact these third parties directly. See section 13 for the website.]

  16. Disclosure of data abroad

  17. As explained in section [•], we also disclose data to other entities. These are not only located in Switzerland. Your data may therefore be processed in Europe; in exceptional cases, however, in any country in the world.

    If a recipient is located in a country without adequate legal data protection, we will contractually oblige the recipient to comply with the applicable data protection (for this purpose we use the revised standard contractual clauses of the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj ?), unless they are already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exception. An exception may apply in particular in legal proceedings abroad, but also in cases of overriding public interests or if the execution of a contract requires such disclosure, if you have consented or if the data concerned has been made generally accessible by you and you have not objected to its processing.

  18. Duration of processing your data

  19. We process your data for as long as our processing purposes, the statutory retention periods and our legitimate interests in processing for documentation and evidence purposes require it, or if storage is technically necessary (e.g. in the case of backups or document management systems). Further information on the respective storage and processing periods can be found in the individual data categories in section [•]. [tbd - or in the cookie categories in section 13]. We delete or anonymize your data after the storage or processing period has expired as part of our usual procedures, provided that there are no legal or contractual obligations to the contrary.

  20. Measures to protect your data

  21. We process your data for as long as our processing purposes, the statutory retention periods and our legitimate interests in processing for documentation and evidence purposes require it, or if storage is technically necessary (e.g. in the case of backups or document management systems). Further information on the respective storage and processing periods can be found in the individual data categories in section 4 [tbd - or in the cookie categories in section 13]. We delete or anonymize your data after the storage or processing period has expired as part of our usual procedures, provided that there are no legal or contractual obligations to the contrary.

  22. What rights do you have?

  23. Depending on the applicable data protection law, you have certain rights. These possible rights include:

    • the right to information about the data we process about you,
    • the right to correct inaccurate or incomplete data,
    • the right to deletion or anonymization of your data,
    • the right to have your data released in a common electronic format or to have it transferred to another responsible party,
    • the right to withdraw consent with effect for the future, if and to the extent that processing is based on your consent[,
    • Add if automated individual decisions are made; see point 7]
    • the right to obtain, upon request, further information necessary to exercise these rights.

    If you wish to exercise the above rights against us [(or against one of our group companies)], please contact us in writing, at our premises or, unless otherwise stated or agreed, by email; our contact details can be found in section [•]. In order to exclude misuse, we must identify you (e.g. with a copy of your ID card if identification is not possible in any other way).

    You also have these rights in relation to other bodies that work with us independently - please contact them directly if you wish to exercise your rights in connection with their processing. Information on our important cooperation partners and service providers can be found in section [•]. [and section 13].

    Please note that these rights may be subject to conditions, exceptions or restrictions under the data protection law applicable in the specific case (e.g. to protect trade secrets or third parties). We will inform you of this if necessary.

    If you do not agree with the way we handle your rights or data protection, please let us [or our data protection officer] (section [•]) know. In particular, if you are in the EEA or Switzerland, you also have the right to complain to the data protection supervisory authority in your country. A list of authorities in the EEA can be found here: https://edpb.europa.eu/about-edpb/board/members_de . You can contact the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html .

  24. Use of cookies and other tracking technologies and analysis tools; integration of third-party services and content on our website

  25. We use various technologies with which we and third parties engaged by us can recognize you when you use the website and, under certain circumstances, track you across multiple visits.

    Essentially, it's about being able to distinguish your access (via your system) from that of other users, so that we can ensure the functionality of the website and carry out evaluations and personalization. We do not necessarily want to draw conclusions about your identity, even if we can do so if we or third parties we engage can identify you by combining you with registration data. Even without registration data, the technology used is designed in such a way that you are recognized as an individual visitor each time you visit the site, for example by our server (or the third party servers) assigning you, your browser or your system a specific identification number (so-called "cookie").

    Cookies are individual codes that our server or a server of our service providers or partners transmits to your system when you connect to our website or our system and that your system receives and stores until the programmed expiry time. Each time you access the website, your system transmits these codes to our server or the third party server, which allows you to be recognized. This can also be done using other techniques, e.g. fingerprinting, in which information about the system you use (e.g. IP address, screen resolution, language settings, etc.) that our server receives is combined to create a more or less unique fingerprint. This means that each time you access a server (e.g. when you access the website or download data linked in an e-mail), your visit can be tracked by us or possibly by one of our service providers.

    We use such technologies on our website and allow certain third parties to do the same. Depending on the purpose of these technologies, we may ask for your consent before they are used. You can access your current settings here [•Insert link]. You can program your browser to block certain cookies or similar technologies or to delete existing cookies. You may also be able to extend your browser with software that blocks tracking by certain third parties. You can find more information on this in the help pages of your browser (usually under the heading "Privacy") or on the websites of the third parties that we list below.

    A distinction is made between the following cookies (including technologies with comparable functions such as fingerprinting):

    • Necessary cookies : These cookies are necessary for the website to work as such or for certain functions to work (for example, these cookies can ensure that you remain logged in or language settings). If you block necessary cookies, the website may no longer work properly. [•Insert overview of necessary cookies used].
    • Performance, preference or statistics cookies : Such cookies record the use of the website and analyze its use, possibly even beyond a session. They are used to optimize the offer. For this purpose, we use analysis services from third-party providers, which we have listed below. [•Insert overview of necessary cookies used]. Details can be found on the websites of the respective third-party providers.
    • Marketing cookies : Marketing cookies are designed to enable us and our advertising partners to place advertising precisely for specific target groups. If you consent to this, we use marketing cookies to record the content you access or the contracts you enter into. [•Insert overview of necessary cookies used]. If you allow the use of marketing cookies, you will see personalized advertising. If you prevent their use, you will simply see some other advertising.

    [In addition to marketing cookies, we can use other techniques to control online advertising on other websites and thereby reduce wastage. For example, we can transmit the email addresses of our users, customers and other people to whom we want to display advertising to operators of advertising platforms (e.g. social media). If the respective people are registered there with the same email address, the operators will show the advertising we have placed to these people in a targeted manner. The operators do not receive personal email addresses of people they do not already know. However, if the email addresses are known, they will find out that these people are connected to us and what content they have accessed.]

    We can also integrate other third-party offers on our website, in particular those from social media providers. Please note that data can be transferred to the social media providers simply by accessing our website or clicking on the link. As soon as you activate these social media offers (e.g. by clicking on a switch), the relevant providers can determine that you are on our website. If you have an account with the social media provider, they can assign this use to you and track it. These social media providers process this data under their own responsibility.

    We currently use offers from the following service providers and advertising partners:

  26. [•]
  27. Processing of your data on our social network pages

  28. We may operate pages and other online presences on social networks and other platforms operated by third parties ("fan pages", "channels", "profiles", etc.) and collect the data about you described in section [•] and below. We receive this data from you and the platforms when you come into contact with us via our online presence (e.g. when you communicate with us, comment on our content or visit our presence). At the same time, the platforms evaluate your use of our online presences and link this data with other data about you known to the platforms (e.g. about your behavior and preferences). They also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes (e.g. to personalize advertising) and to control their platforms (e.g. which content they show you).

    We process this data for the purposes described in section 6, namely for communication, marketing purposes and market research. We may distribute content that you publish yourself (e.g. comments) (e.g. in our advertising on the platform or elsewhere). We and the operators of the platforms reserve the right to delete or restrict content in accordance with the usage guidelines.

    For further information on the processing carried out by the platform operators, please refer to the data protection information of the respective platform. There you will also find out where the respective platform processes your data, what rights you have as a data subject and how you can exercise them.

    We currently use the following platforms:

  29. [•]
  30. Information for job applications and application procedures

  31. In addition to the other statements in this privacy policy, the following applies to people who apply for a job with us: We collect and process your data when you apply for a job with us. This processing is intended to carry out the application process. It can also be done electronically, namely if you submit your application documents electronically (e.g. by email).

    If you enter into an employment relationship with us, the data you provide may be included in your personnel file and further processed in connection with the employment relationship. You will be informed separately about the processing of data in this context.

    If you do not enter into an employment relationship with us, your application documents will be deleted [•] months after completion of the application process, provided that there are no legitimate interests or legal obligations that conflict with the deletion.

  32. Can this privacy policy be changed?

  33. This privacy policy is not part of a contract with you. We may amend this privacy policy at any time, e.g. if processing changes. The version published on this website is the current version.

    Last update: 09/2024