This data protection declaration gives you an overview of what personal data gutmeister GmbH (hereinafter “we”) collects about you, for what purpose and how this personal data is processed and to whom it may be passed on. You will also find out what rights you have according to data protection legislation and how you can exercise them.
1. What do we do?
gutmeister.ch (hereinafter “gutmeister”) is a home services marketplace based in Switzerland. Consumers can easily and quickly get offers and prices for home services. Thanks to gutmeister offers and ratings, consumers can directly find the service provider with the best price-performance ratio.
2. What happens to your data?
2.1What is personal data and what does “process” mean?
Data protection always applies when personal data is processed. If we process non-personal data, data protection does not apply. Personal data is any information that relates to you and that makes it possible to identify you – directly or with the help of other sources of information that are generally likely to be used. Such personal data exists, for example, if we store your first name and surname, postal address, telephone number and other details about you, for example, in connection with a user account or an enquiry that you send us. Information from which you cannot be identified (such as statistics on how many people have visited our website), i.e. anonymous data, is not personal data. Processing includes any handling of your personal data, in particular the recording, collection, anonymisation, storage, administration, use, transmission or deletion of your personal data.
2.2What personal data do we process?
We collect personal data from you that you provide to us via our online forms, apps or other digital channels. We also collect personal data that you provide to us in other ways when using our services (e.g. in the course of correspondence and other communication with you – for example by telephone or e-mail). We also collect data in the course of your use of our websites, apps and other digital channels.
In particular, we collect the following personal data:
Master data (name, residential address, telephone number, means of payment, details of your account with us, if one exists, etc.);
Data on how you use our websites, apps and other digital channels and the services we offer;
The data that is necessary or useful for the processing of each service and that you either provide to us directly (e.g. details of the services for which you want us to provide prices or obtain a quote, payment data), that we receive about you; it is all non-public data.
In addition to the data about you that you give us directly, the categories of personal data that we receive about you from third parties include, data relating to your use of the website (e.g. IP address, details of your device and settings, cookies, date and time of visit, pages and content viewed, functions used, referring website, location data). This data can be linked to each other – even across several visits and contacts, for example if you are recognised on the basis of your user name or a device identifier.
2.3 For what purpose and on what legal basis do we process your personal data?
We use the personal data we collect primarily to allow you to use our services and to process the existing inquiries and product offers for you for this purpose, to enable you to use our websites, apps and other digital channels as part of our legitimate interest in an attractive offering, and to comply with our legal obligations at home and abroad. Other persons about whom you provide us with personal data are of course also affected by this.
For example, if you request an offer for someone else, we collect your personal data via online forms or also via apps and process this data, among other things, to fulfil and process your request and to manage and maintain the customer relationship with you (e.g. change of address or phone number).
In addition, we also process personal data of you and other persons, insofar as this is permitted and appears to us to be appropriate, for the following purposes in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
Offering and further developing our offers, services, websites, apps and other platforms on which we are present;
Communicating with third parties and processing their enquiries (e.g. applications, media enquiries);
Testing and optimisation of procedures for needs analysis for the purpose of direct customer contact as well as collection of personal data from publicly accessible sources for the purpose of customer acquisition;
Advertising and marketing (including the organisation of events), insofar as you have not objected to the use of your data (if we send you advertising from us as an existing customer, you can object to this at any time; we will then put you on a blocking list against further advertising mailings);
Market and opinion research, media monitoring;
Prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
Guarantees of our operations, in particular IT, our websites, apps and other platforms;
Surveillance to maintain housekeeping and other measures for IT, building and facility security and to protect our employees and other persons as well as assets belonging to or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone records);
Purchase and sale of business units, companies or parts of companies and other transactions under company law and the transfer of personal data in connection with these;
Business management measures and compliance with legal and regulatory obligations and internal rules of our company.
Where you have given us consent to process your personal data for certain purposes (for example, when you register to receive newsletters), we will process your personal data within the scope of and based on that consent, unless we have another legal basis, but we need a legal basis. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place.
2.4 Direct marketing and profiling
If you have consented to us using your phone number or email address or other electronic communications for promotional purposes, we will send you regular newsletters and other promotional information via the relevant channels to make you aware of other offers and services. In the case of registration, we may also use your personal data, including how you use our websites, apps and other digital channels, to personalise our promotional activities. Profiling is also carried out in connection with product development and optimisation of our offering. We base this on our legitimate interest in more effective direct marketing, unless we obtain your consent separately for this.
If you have registered for our services or created an account, or if you are a customer of ours, we may send you information about our thematic world to your e-mail address and other electronic means of communication, even without your separate consent.
You can object to the sending of such newsletters and advertising messages as well as to further processing of your e-mail address and other electronic means of communication for this purpose at any time in the respective newsletter by clicking on the link at the end of the newsletter and thus unsubscribing from the newsletter or otherwise following the instructions at the end of the message.
If you do not wish to receive personalised advertising communication, you can also object to this at any time.
2.5 Disclosure of personal data to third parties and abroad
In the course of our business activities and for the purposes set out in section 2.3, we also disclose personal data to third parties, insofar as this is permitted and appears to us to be appropriate, either because they process it for us or because they want to use it for their own purposes. In particular, this concerns the following entities:
Service providers of ours, including contract processors (such as IT providers);
Subcontractors and other business partners;
Vendors (e.g. construction companies, trading companies);
In particular, you should expect your data to be transferred to other countries in Europe through means of your own by accessing your account from any EU country. We host all of the data with Google Cloud located in Zurich Datacentre. However, we reserve the right to black out copies for reasons of data protection law or confidentiality or to supply only excerpts.
Your personal data will not be otherwise disclosed, transferred or sold to third parties outside of our company and providers of services, unless this is necessary in the course of one of our services or you have consented to it.
2.6 How long do we keep your personal data?
We process and store your personal data for as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) as well as beyond that in accordance with the statutory retention and documentation obligations. In this context, it is possible that personal data will be retained for the time during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as a matter of principle and as far as possible. For operational data (e.g. system protocols, logs), shorter retention periods of twelve months or less generally apply.
2.7 Are you obliged to provide us with personal data?
You can use our websites, apps and digital channels in part without registering. Within the scope of our business relationship, you must provide us with those personal data that are necessary for the establishment and implementation of a business relationship and the fulfilment of the associated contractual obligations (as a rule, you do not have a legal obligation to provide us with data). Without this data, we will generally not be able to enter into a contract with you (or the entity or person you represent) or process an order from you.
Also, the website cannot be used if certain traffic-securing details (such as IP address) are not disclosed. Whether these are always considered personal data is another question.
2.8 Cookies / tracking and other technologies in connection with the use of our websites
2.8.1 What data do we collect?
When you contact us, data is collected on our websites and in our applications by us and third parties through various technologies, which we generally allocate to the other data we collect (e.g. user account), namely automatically transmitted or accrued usage data (e.g. date and time of use, previous and accessed page, IP address, data on the browser used, device identifier, current location, insofar as this information is released, etc.); and
Interaction data, as far as possible without installing additional programs on the computer (e.g. mouse movements and clicks as well as keyboard strokes on the website).
We collect and process this data so that we can continually improve our products and services and adapt them to your needs, identify trends, and compile and evaluate statistics on the use of our digital offerings. This data is also used to provide you with a good user experience. You have the option to prevent the processing of non-personal data at any time. You can find out how to do this in section 2.8.3.
2.8.2 What technologies do we use and why are they used?
On our websites, we typically use “cookies” and similar technologies to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website. This allows us to recognise you when you return to this website, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your visit to the website (“session cookies”), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) (“permanent cookies”). However, you can set your browser to reject cookies, save them for one session only or otherwise delete them prematurely. Most browsers are preset to accept cookies. We use persistent cookies so that we can better understand how you use our offers and content and so that we can show you offers and advertising tailored to you.
On our website, in our apps and also in other digital products, we sometimes use third-party elements and services that provide us with usage statistics, that serve to display third-party advertising or that enable the user to access social networks and other third-party offerings. These third parties are in particular Facebook, Twitter, Google. With these third-party services, which may be located in any country in the world (in the case of Google, it is Google LLC in the USA, www.google.com), we can measure and evaluate the use of the website (not on a personal basis). Permanent cookies set by the service provider are also used for this purpose. The service provider does not receive any personal data from us (and does not keep any IP addresses), but can track your use of the website, combine this information with data from other websites that you have visited and which are also tracked by the service provider, and use these findings for its own purposes (e.g. controlling advertising). If you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider then takes place under the responsibility of the service provider in accordance with its data protection regulations. The service provider only informs us how our respective website is used (no information about you personally).
Furthermore, we use so-called plug-ins from social networks such as Facebook, Twitter, Google, or Instagram on our websites. This is apparent to you in each case (typically via corresponding icons). The operators of the respective social networks can register that you are on our website and where, and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator in accordance with its data protection regulations. We do not receive any information about you from them.
In order to protect your privacy, we take into account browser settings which signal that tracking is not desired; we then only work with third parties who also take this into account (more on this here for Internet Explorer, Firefox, Chrome, Safari). However, if you click on the link of an advertisement or any other third-party offer, you leave our sphere of influence and we cannot control the further collection of data. You must then comply with the third party in this respect.
Most internet browsers are set to automatically accept cookies. However, you are free to set your browser so that cookies are generally rejected by selecting “do not accept cookies” in your browser setting, or so that you are prompted in each case before a cookie from an Internet page you visit is accepted. You also have the option of deleting the cookies on your computer or on your mobile device by selecting the corresponding function in your browser. Be aware that you must deactivate or delete the cookies on all your devices. If you choose one of the options described, you may no longer be able to use all the functions of the website to their full extent. We would also like to point out at this point that there is no possibility to object to general, i.e. non-personalised advertisements on our websites.
3. What are your rights in relation to your personal data?
Within the framework of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR and partly also the FADP), you have the right to information (the right to find out free of charge, among other things, whether and which personal data we are processing about you), correction (if your personal data processed by us is incorrect), deletion (if we are to delete the data stored by us), restriction of data processing or objection to our data processing (e.g. if we are no longer to do something with your data, such as no longer to use it for direct marketing purposes), as well as to the surrender of certain personal data. (e.g. if you no longer want us to do something with your data, such as not using it for direct marketing purposes) as well as to the release of certain personal data for the purpose of transferring it to another body (so-called data portability).
Please note, however, that we reserve the right to enforce the restrictions provided for by law, for example if we are obliged to retain or process certain data, have an overriding interest in doing so (insofar as we are entitled to rely on this) or require it for the assertion of claims. If you incur costs, we will inform you in advance.
We have already informed you about the possibility of revoking your consent in sections 2.3 and 2.4.
Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or costs. We will inform you in advance if this is not already contractually agreed.
The exercise of such rights generally requires that you clearly prove your identity (e.g. by means of a copy of your identity card where your identity is otherwise not clear or cannot be verified). To exercise your rights, you can contact us at the address given in Impressum page.
Every data subject also has the right to enforce his or her claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner.
4. Data security
We operate data networks and systems that comply with the usual technical standards. Appropriate technical and organisational precautions are taken to conscientiously protect your data from loss, destruction, falsification, manipulation or unauthorised access, such as the issuing of directives, training, IT and network security solutions, access controls and restrictions, encryption of transmissions and other controls. However, the Internet is an open network accessible to everyone. Accordingly, neither we nor our service providers guarantee the confidentiality of data transmitted over the internet and the anonymity of the use of our websites, apps and other digital channels.
5. Who can you contact? Who is responsible?
Responsible for data processing as described here is gutmeister GmbH If you have any data protection concerns, you can contact us through any digital channel available.
6. Legal basis