Data protection statement (as of November 2014)
Hieronymus Stationers AG, Sennweidstrasse 35, 6312 Steinhausen, Switzerland, operates the website www.hieronymus-cp.com. The security and protection of customers’ personal data are matters of the utmost priority at Hieronymus. Hieronymus therefore undertakes to handle this data responsibly. Hieronymus is subject to Swiss data protection legislation in terms of obtaining, processing and using its customers’ personal data.
1. Data collection and processing
a. Website visitors
No data is gathered on people simply visiting the Hieronymus website that would enable them to be personally identified. The information listed in point 6 is stored as a result of using Google Analytics to assess and improve the website and products. However, this information does not allow any conclusions to be drawn about the identity of the visitor.
Only the following data is required in order to process an order: delivery address, invoice address, chosen delivery option, payment method and e-mail address. Disclosing additional personal information by registering on the website is purely voluntary. The following information is gathered on registration: name, e-mail address, password, gender and address. Hieronymus uses this information to tailor its website as closely as possible to customer requirements.
c. Additional information
If a visitor to the website wishes to be sent additional information, he can request this by clicking on the ‘Provide additional information’ function. In order to do this, Hieronymus needs at least the visitor’s e-mail address. Receiving additional information is voluntary and can be deactivated at any time. Data may also be passed on to subcontractors that carry out analyses on behalf of Hieronymus. These third parties are not authorised to use the data for their own purposes without the express consent of the person in question.
d. Payment information is not stored
Hieronymus does not store any credit or debit card details. Credit card payments are handled by external service providers that are certified in accordance with Payment Card Industry (PCI) requirements and that operate solely in accordance with the PCI data security standard (DSS). The payment information requested is always transmitted in encrypted form (SSL encryption).
2. Use and forwarding of personal data
Insofar as the customer discloses any personal information, Hieronymus will only use it to answer enquiries and process contracts and for technical administration purposes. As a basic principle, Hieronymus does not pass on any personal information to third parties, unless this is necessary in order to comply with statutory provisions (e.g. requests from law enforcement authorities) or contractual terms, such as processing deliveries or payments. No other personal information is sold or passed on in any other way.
3. Rights of website users
The customer may request information at any time about what personal data on him is processed by Hieronymus. He is also entitled to have his personal information corrected or deleted. Requests of this kind shall be submitted to Hieronymus in writing (firstname.lastname@example.org).
Cookies (small text files) use the customer’s browser to automatically store information about online preferences. They enable Hieronymus to customise its services and displays in order to improve the user’s experience and security. Cookies do not damage the customer’s system, nor do they adversely affect how it operates. Cookie settings can be changed by anyone on his own computer. It must be borne in mind, however, that deactivating cookies prevents certain individually tailored services from being provided and may mean that not all the functions offered by Hieronymus can be used in full.
The Hieronymus website may contain links to third-party websites. Hieronymus does not operate these third-party websites and is therefore not liable either for the content of these websites or for how they handle personal information. Hieronymus recommends that its customers consult the data protection policy on each individual website.
6. Google Analytics
The Hieronymus website uses ‘Google Analytics’, a web analysis service provided by Google Inc. (‘Google’). Google Analytics uses so-called cookies. These are text files which are stored on the customer’s computer and which allow the use of the website to be analysed. The information obtained via the cookie about use of this website, especially
- the type and version of the Internet browser used
- the operating system used
- the website which was last accessed (referrer URL)
- the IP address of the accessing computer
- the time of the server request
is generally transferred to a Google server in the USA and stored there. Google will use this information on behalf of the operator of this website in order to assess its use, prepare reports on website activity and provide further services to the website operator relating to website and Internet usage. Google may also pass this information to third parties insofar as this is required by law or third parties process this information on Google’s behalf. The IP addresses passed on by Google Analytics are not combined with any other Google data. The customer can prevent the data that is collected via the cookie and that relates to his use of the website (including his IP address) from being passed on to and processed by Google by installing the plugin available via the following link (http://tools.google.com/dlpage/gaoptout). For more information on the terms and conditions of use and data protection in connection with Google Analytics, see http://www.google.com/intl/en/policies/.
7. Data security
Data security has top priority at Hieronymus. The appropriate technical and organisational measures required under Swiss data protection legislation are complied with. Hieronymus uses Secure Sockets Layer (SSL) technology to protect customer data online. SSL encrypts all data input before Hieronymus receives it. The protection of sensitive data is also guaranteed offline. Staff and assistants at Hieronymus are bound by a confidentiality obligation and a duty to comply with the provisions of data protection legislation.
8. Changes to the data protection statement
Hieronymus may amend its data protection statement at any time. The latest version can be viewed on the website www.hieronymus-cp.com and is valid from the time it is uploaded.
Contact details for any questions and comments regarding this data protection statement:
Hieronymus Stationers AG