Kambly

Data Protection Statement of Kambly

1. Overview and scope

This Privacy Policy provides information on how and for what purposes companies belonging to the Kambly Group Switzerland (hereinafter also “we” or “Kambly“) process your personal data (hereinafter “you”) that you disclose to us or that we collect from you. This Privacy Policy is not exhaustive; in particular, our contractual terms and conditions for our products and services (e.g. our General Terms and Conditions, Terms of Use, Terms and Conditions of Participation, etc.) may contain additional information on the processing of your personal data.

The following companies in particular belong to the Kambly Group Switzerland:

  • Kambly Holding AG, CHE-100.171.524, Mühlestrasse 4, 3555 Trubschachen, Switzerland;
  • Kambly SA Spécialités de Biscuits Suisses, CHE-101.730.952, Mühlestrasse 4,
    3555 Trubschachen.

The Kambly Group Switzerland operates the following website in particular:

“Personal data” means all data and information relating to an identified or identifiable natural person.

 

2. Responsible person and contact points for data protection issues

As Kambly consists of different companies, the company responsible for the processing of your personal data may vary. As a rule, the Kambly company responsible for processing your personal data within the scope of this Privacy Policy is the one with which you correspond, conduct business or which has referred you to this Privacy Policy in the context of an inquiry, contract or other correspondence.

Depending on the type of data processing, the Kambly companies may individually or jointly assume the role of controller or processor.

The contact person for your questions about data protection is, regardless of which Kambly company is responsible for processing your personal data in the individual case:

 

Kambly SA Spécialités de biscuits suisses

Mühlestrasse 4

3555 Trubschachen

Switzerland

Phone:   +41 34 495 01 11

E-mail:   datenschutz@kambly.ch

 

If you have any questions about data protection, please contact us at the above address.

 

3. Data origin and data categories

As a matter of principle, we only process the personal data that we receive or collect from our customers, suppliers, service providers, interested parties, competition participants, applicants, event participants and (website) visitors as part of our business activities. To the extent permitted, we also obtain certain data from publicly accessible sources (e.g. debt enforcement register, commercial register, press, Internet) or receive such data from other companies, authorities or other third parties. If you provide us with personal data of other persons, we ask you to ensure that these persons are aware of this Privacy Policy and only provide us with their personal data if you have been authorized to do so and if the corresponding personal data is correct.

The personal data or categories of personal data processed by us include, depending on the case, in particular personal details and contact data (e.g. name, address, gender, date of birth, telephone number and e-mail address); identification and background information; contractual data that we receive or collect in connection with the initiation, conclusion and execution of contracts with you (e.g. services used or requested by you as well as associated behavioral and transaction data, financial data for payment purposes such as bank account details, all information transmitted in the online shop); transaction data (e.g. services used or requested by you as well as associated behavioral and transaction data, financial data for payment purposes such as bank account details, all information transmitted in the online shop).e.g. services used or requested by you and associated behavioral and transactional data, financial data for payment purposes such as bank account details, all information transmitted in the online store); transaction data (e.g. payment transaction data, details of your payment order and details of the payee or beneficiary and the purpose of the payment); employment details (e.g. job title, title, employment relationship); communication data (e.g. content of emails, written correspondence, social media posts, comments on websites, telephone conversations, video conferences, proof of identity, marginal data); documentary data or data from your contacts with third parties (e.g. minutes of consultations or conversations, file notes, references); preference and marketing data (e.g. data on the use of our website (incl. online store) or other digital offers, data in connection with the marketing of services, e.g. newsletter subscriptions and unsubscriptions, documents received and special activities, personal preferences and interests); public data that can be obtained about you (e.g. Commercial register data, data from the media and the press); data in connection with proceedings or investigations by authorities, official bodies, courts, organizations or other bodies; data for compliance with legal requirements, such as in connection with export restrictions; image and sound recordings (e.g. photos, videos and sound recordings, recordings of video surveillance systems and recordings of telephone and video conference calls) and technical data (e.g. IP address and other device IDs, identification numbers assigned to your device by cookies and similar technologies).

 

4. Processing purposes and legal bases

4.1 General within the scope of our business activities

We process your personal data primarily for those processing purposes, which are necessary in connection with our business activities and the provision of our services. In particular, we may process your personal data for the following purposes:

  • to communicate with you, in particular to provide you with information or process your requests, to authenticate and identify you, for customer service and customer care;
  • for the performance of contracts, in particular in connection with the initiation, conclusion and execution of contractual relationships. This includes all data processing that is necessary or expedient to conclude, execute and, if necessary, enforce a contract, such as processing to decide whether and how (e.g. with which payment options) we enter into a contract with you (including credit checks), to provide contractually agreed services, to invoice our services and generally for accounting, processing job applications (e.g. managing and evaluating job applications, conducting interviews incl. creating personality profiles) and for the processing of personal data.e.g. managing and evaluating applications, conducting interviews including creating personality profiles, obtaining reference information), enforcing legal claims arising from contracts (debt collection, legal proceedings, etc.);
  • to provide you with our services and products as well as our digital offers (e.g. website incl. online store) and to evaluate and improve them;
  • in order to be able to organize events to which we invite you;
  • to inform you about new developments or to send you other information about our products;
  • for customer care and marketing purposes, e.g. to send you written and electronic messages and offers and to carry out marketing campaigns.
  • in connection with accounting, data archiving and the management of our archives;
  • for training and education: We may process your personal data in order to conduct internal training courses and to train and develop our employees;
  • when selling receivables, e.g. if we provide the purchaser with information about the reason for and amount of the receivable and, if applicable, the creditworthiness and behavior of the debtor;
  • for security measures, in particular for IT and building security (such as access controls, visitor lists, prevention, defense against and clarification of cyber attacks and malware attacks, network and mail scanners, video surveillance, telephone recordings), as well as for the prevention and clarification of criminal offenses and other misconduct or to carry out internal investigations, protection against misuse, evidence purposes, data analysis to combat fraud, evaluation of system-side recordings of the use of our systems (log data);
  • in connection with restructuring or other corporate actions (e.g. due diligence, sale of companies, keeping share registers, etc.);
  • for the assertion of legal claims and defense in connection with legal disputes and official proceedings in Switzerland and abroad, including the clarification of litigation prospects and other legal, economic and other issues;
  • to comply with our legal, regulatory (including self-regulatory) and internal requirements and rules in Switzerland and abroad, including compliance with orders from a court or authority;
  • other purposes: We may process your personal data for other purposes that are necessary to protect our legitimate interests.

We process your personal data for the above-mentioned purposes, depending on the situation, in particular based on the following legal bases:

  • the processing of personal data is necessary for the fulfillment of a contract with you or pre-contractual measures;
  • you have given your consent to the processing of personal data relating to you;
  • the processing of personal data is necessary for compliance with a legal obligation;
  • the processing is necessary to protect the vital interests of the data subject or of another natural person; or
  • we have a legitimate interest in the processing of personal data, whereby our legitimate interests may include the following interests in particular good customer service, to keep in touch and to communicate with customers, including outside of a contract; in promotional and marketing activities; to improve services and develop new ones; to combat fraud; to protect customers, employees and other persons as well as our data, trade secrets and assets; to ensure appropriate security (both physical and digital); ensuring and organizing business operations, including the operation and the further development of websites and other systems; managing and developing the business; selling or buying companies, parts of companies and other assets; enforcing or defending legal claims; complying with Swiss and foreign law and other rules applicable to us.

 

4.2 When visiting our website (incl. online store)

Our website collects a range of user information each time it is accessed, which is stored in the server log files. The information collected includes the IP address, the date and time of access, the time zone difference to the GMT time zone, the name and URL of the file accessed, the website from which access is made, the browser used and the operating system used. The collection of this information or data is technically necessary in order to display our website to you and to ensure its stability and security. This information is also collected in order to improve the website and analyze its use.

 

4.3 Online store for private and corporate customers

In addition to the user information mentioned in section 4.2, we also process the personal data you provide to us when you place orders in the online store. This includes your name, address, e-mail address, date of birth/year of birth and payment transaction data (e.g. TWINT or credit card details) and all personalized products (e.g. photos on tins).

The personal data you disclose to us will be stored by us and processed for the purpose of fulfilling your order. The legal basis for this personal data processing is primarily the fulfillment of a contract with you (or the related pre-contractual measures). Depending on the situation, your consent and our legitimate interest in processing your request form additional legal bases.

 

4.4 Newsletter

If you subscribe to our newsletter, we will use your e-mail address and other contact details to send you the newsletter. The newsletter is sent by the mailing service provider Marketing Monkeys GmbH, Switzerland. The Privacy Policy and further information about Marketing Monkeys can be found here: https://marketingmonkeys.ch/de/datenschutz.

You can subscribe to our newsletter with your consent. The mandatory information for sending the newsletter is your title, your full name and your e-mail address, which we store after your registration. The legal basis for the processing of your data in connection with our newsletter is your consent to the sending of the newsletter. You can withdraw your consent at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail, by e-mail to datenschutz@kambly.ch or by sending a message to our above-mentioned postal address.

 

4.5 E-mail, telephone calls and video conferences

You can contact us via the e-mail address and telephone number provided. The personal data you send us will be stored by us and processed to deal with your request. The legal basis for this personal data processing is your consent and our legitimate interest in processing your request.

If you contact us by e-mail, you authorize us to reply to you via the same channel. Please note that unencrypted e-mails are transmitted via the open Internet, which is why it cannot be ruled out that they can be viewed, accessed and manipulated by third parties. We exclude – as far as legally possible – any liability that you may incur, in particular as a result of incorrect transmission, falsification of content or disruption to the network (interruptions, overloading, unlawful interventions, blocking).

Telephone and video conference calls with us may be recorded; we will inform you of this at the beginning of each call. If you do not want us to record such conversations, you have the option of terminating the conversation at any time and contacting us by other means (e.g. by e-mail or post).

 

4.6 Contact form

You can contact us using the contact form provided on our website. To use the contact form, you must enter your name (including title), address, e-mail address, telephone number and request/message. In addition, you can voluntarily provide further information, namely the company in the case of corporate clients. The personal data you send us will be stored by us and processed to deal with your request. The legal basis for this personal data processing is your consent and our legitimate interest in processing your request.

 

4.7 Cookies and other third-party services

Our website may use cookies and other third-party services. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system or mobile device. The cookie contains a characteristic string of characters that enables the browser or mobile device to be uniquely identified when the website is called up again.

The purpose of using cookies is, on the one hand, to enable and simplify the use of our website for you. Some functions of our website cannot be offered without the use of cookies (so-called technically necessary cookies). On the other hand, we also use cookies/tools to analyze user behavior on our website, namely to measure reach, and finally also for marketing purposes.

 

4.7.1 Technically necessary cookies

Technically necessary cookies are required for our website to function. Therefore, these cookies cannot be switched off in our systems. They usually record important actions, such as the number of requests made, the editing of your privacy settings or filling out forms (e.g. in the online store). Although you can block these cookies in your browser, some parts of our website may then no longer function.

The legal basis for data processing when using technically necessary cookies is our legitimate interest, which lies primarily in ensuring the functionality and improvement of our website.

 

4.7.2 Analytical and marketing cookies and clean tracking

Analytical cookies allow us to analyze visitor behavior and traffic sources so that we can measure the performance of our website and improve the user experience. They help us to recognize how popular which pages are and show how visitors move around our website.

Marketing cookies allow us to provide you with advertising that is relevant to you. These cookies can remember that you have visited our website and share this information with other companies, including other advertisers.

In our cookie settings (https://kambly.com/de/cookie-einstellungen/) you can see which specific analysis and marketing cookies and third-party services we use. We have no influence on the data collected and data processing procedures of the cookie providers and third-party services. These are subject to the respective privacy policies of the cookie providers or third-party service providers. Further information on the purpose and scope of data collection and its processing by the cookie providers or third-party service providers can be found in the privacy policies of these providers. If and insofar as we use analysis and marketing cookies and third-party services, we will obtain your consent to do so. The legal basis for data processing when using analysis and marketing cookies and third-party services is your consent and our legitimate interest, which lies primarily in ensuring the functionality and improvement of our website.

In particular, we may use the following cookies and other third-party services:

  • Google Analytics. You can find the privacy policy for Google Analytics here: https://policies.google.com/privacy.
  • Google Signals. The privacy policy for Google Analytics and Signals can be found here: https://policies.google.com/privacy.
  • Google Tag Manager: The privacy policy for Google Tag Manager can be found here: https://policies.google.com/privacy.
  • Google Ads: The privacy policy for Google Ads can be found here: https://policies.google.com/privacy.
  • GA-Audiences (Google Remarketing): The privacy policy for Google Remarketing can be found here https://policies.google.com/privacy.
  • Google Marketing Platform (including Floodlight): The privacy policy for Google Marketing Platform can be found here: https://policies.google.com/privacy.
  • Facebook Pixel, Facebook Custom Audiences and Facebook Conversion: The privacy policy for Facebook Pixel, Facebook Custom Audiences and Facebook Conversion can be found here: https://de-de.facebook.com/privacy/policy/.
  • Insight Tag from LinkedIn: You can find Insight Tag’s privacy policy here: https://de.linkedin.com/legal/privacy-policy?.

You can object to the use of cookies or third-party services, for example (i) by selecting the appropriate settings in your browser, (ii) by using add-ons for your browser (e.g. “NoScript” http://noscript.net/), (iii) by using appropriate cookie blocker software (e.g. ghostery) or (iv) by downloading and installing the browser plug-in available under the following link regarding cookies from Google: https://tools.google.com/dlpage/gaoptout?hl=de.

To analyze your surfing behavior on our website, we can also use the cookie-less tracking service from Google Analytics. This uses tracking codes that do not collect any personal data. The information is only used to understand how our website is used and thus to optimize it. Clean Tracking guarantees your privacy and enables us to offer you a better surfing experience.

 

4.8 Social Media plug-ins

We use the social media plug-ins listed below on our website. We use the so-called two-click solution, whereby no personal data is initially passed on to the providers of the plug-ins when you visit our website. Only if you click on the marked plug-in field and thereby activate it will the plug-in provider receive the information that you have accessed our website. In addition, the data mentioned in section 4.2 of this declaration will be transmitted. The legal basis for the processing of your data in connection with social media plug-ins is our legitimate interest in enabling our users to use the social media plug-ins.

We have no influence on the data collected and data processing procedures of the plug-in providers. These are subject to the respective privacy policies of the third-party providers. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below.

  • Facebook: https://de-de.facebook.com/privacy/policy.
  • X (formerly Twitter): https://twitter.com/de/privacy.

 

4.9 Applications

You can submit your application for a position with us by post or by e-mail. The application documents and all personal data disclosed to us will be treated confidentially and processed for the purpose of processing your application for employment with us. Without your consent to the contrary, your application file will either be returned to you or deleted/destroyed after the application process has been completed, unless it is subject to a legal duty of safe-keeping. The legal basis for the processing of your data is your consent, the fulfillment of the contract with you and our legitimate interests.

 

5. Disclosure of personal data to recipients and abroad

5.1 Disclosure of personal data to recipients

In addition to the data transfers to recipients expressly mentioned in this Privacy Policy, we may disclose personal data to the following categories of recipients to the extent permitted:

  • other companies of the Kambly Group in Switzerland and abroad;
  • providers to whom we have outsourced certain services (e.g. IT and hosting providers, external accounting, debt collection services, photographers, banks, etc.) as well as other suppliers and subcontractors;
  • business partners of ours;
  • third parties who collect data about you via the website;
  • authorized representative;
  • insurance, social security;
  • credit reference agencies, which store this data for credit rating information;
  • prospective buyers or investors in the event of restructuring or other corporate actions;
  • auditors;
  • parties to potential or actual legal proceedings or litigation;
  • domestic and foreign authorities, official agencies or courts.

 

5.2 Disclosure of personal data abroad

In principle, we process your personal data in Switzerland. However, in exceptional cases (e.g. when using certain service providers or certain software applications), your personal data may also be transferred abroad, primarily to member states of the European Economic Area (including the European Union), but in some cases also to other countries worldwide (e.g. the USA).

If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection as provided for by law by using appropriate contracts (namely on the basis of the so-called “standard contractual clauses” of the European Commission) or rely on the legal exceptions of consent, the execution of the contract, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the data subjects. Nevertheless, we would like to point out that data transmitted abroad is no longer protected by Swiss law and that foreign laws and official orders may demand this data to be passed on to authorities and other third parties.

 

6. Retention period

We process and store your personal data for as long as it is necessary for the fulfillment of our contractual and legal obligations or otherwise for the purposes pursued with the processing or for as long as there is another legal basis (e.g. statutory retention periods) for doing so. We retain personal data that we hold on the basis of a contractual relationship with you at least as long as the contractual relationship exists and prescriptive period for possible claims by us run or contractual retention obligations exist. As soon as your personal data is no longer required for the above-mentioned purposes, it will generally and as far as possible be passively set, deleted or anonymized.

 

7. Your rights

You have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing as well as to the disclosure of certain personal data for the purpose of transfer to another body (so-called data portability) within the scope of the data protection law applicable to you and insofar as provided therein. Please note, however, that we reserve the right to assert the restrictions provided for by law, for example if we are obliged to store or process certain data, have an overriding interest in doing so (insofar as we are entitled to rely on this) or if we need the data to assert claims. If you incur costs, we will inform you in advance.

If data processing is based on your consent, you can revoke your consent at any time with effect for the future. However, this does not affect the lawfulness of the processing carried out on the basis of your consent up to the point of revocation.

The exercise of such rights generally requires that you clearly prove your identity (e.g. by providing a copy of your ID if your identity is otherwise not clear or cannot be verified). To exercise your rights, you can contact us at the addresses given in section 2 of this Privacy Policy (by post or email).

Every data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner(http://www.edoeb.admin.ch).

 

8. Data security

We take appropriate security measures of a technical and organizational nature to protect the security of your personal data, in particular to protect it against unauthorized or unlawful processing and to counteract the risk of loss, unintentional modification, unwanted disclosure or unauthorized access. Like all companies, however, we cannot rule out data security breaches with absolute certainty, as certain residual risks are unavoidable. As part of our security measures, we use firewalls, logging and encryption in particular, have authorization concepts and have implemented other protective measures to ensure the most complete possible protection of personal data.

 

9. Adjustments to this Privacy Policy

We expressly reserve the right to amend this Privacy Policy at any time. In the event of such a change, we will immediately publish the amended Privacy Policy on our website. The Privacy Policy published on our website is valid at all times.

 

May 2024

Have something special delivered to you

Online shop

Breathe a little delight into your business

For corporate clients