DATA PROTECTION POLICY

1. General Information

In this privacy policy, Lantal Textiles AG (hereinafter "Lantal," "we," or "us") explains how it collects and/or processes personal data on the website https://www.lantal.com. Protecting your privacy and data is of utmost importance to us. We ensure the lawful processing of your personal data. This privacy policy applies to all individuals whose data we process, regardless of how they provide us with their personal data (e.g., by phone, email, etc.).

Personal data refers to any information relating to an identified or identifiable individual. An affected person is someone about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and methods used, including but not limited to collecting, disclosing, acquiring, deleting, storing, altering, destroying, and using personal data.

The website of Lantal Textiles AG is subject to Swiss data protection law (Federal Data Protection Act, hereinafter "DSG") as well as the EU General Data Protection Regulation (hereinafter "GDPR"). However, the applicability of these laws depends on the individual case.

If you provide us with personal data of other individuals (e.g., family members), we ask you to ensure that these individuals have read and accepted this privacy policy. Only share their personal data with us if you are permitted to do so and if the personal data provided is accurate.

 

2. Data Controller / Internal Data Protection Officer / EU Data Protection Representative

For the processing of personal data, the responsible entity is:

Lantal Textiles AG

Data Protection Officer: Georg Probst

Dorfgasse 5
CH-4900 Langenthal 

Tel.: +41 62 916 72 52
E-Mail: georg.probst(at)lantal.ch

unless otherwise specified in individual cases. For privacy-related concerns, please contact us at the address provided above.

Our representative in the EEA (European Economic Area) pursuant to Article 27 of the GDPR (if required) is:

e-comtrust international ag

Branch Bremen
Achterdiek 28b
G-28359 Bremen 

Tel.: 0049 (0)421 849 198 00
E-Mail: info(at)eu-datenschutz-vertreter.ch

The data protection representative serves as an additional point of contact for individuals in the European Union (EU) and the rest of the European Economic Area (EEA) for inquiries related to the GDPR. The European Economic Area (EEA) includes the member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway.

 

3. Collection and Processing of Personal Data

Primarily, we process personal data that we receive in the course of our business relationship, particularly in connection with the conclusion and execution of contracts. 

You typically provide us with your personal data such as name, first name, address, email address, telephone number, date of birth, gender, etc., when you communicate with us and voluntarily provide the data.

We may also obtain further personal data from publicly accessible sources, such as the debt collection and commercial register, land registers, or from press and the internet, provided that such processing is permissible for legal reasons.

 

4. Legal Basis and Purpose of Data Processing

In accordance with Swiss data protection law, especially the Federal Data Protection Act (Datenschutzgesetz, DSG) and the Data Protection Ordinance (Datenschutzverordnung, DSV), we process personal data.

If and to the extent that the General Data Protection Regulation (GDPR) is applicable, we process personal data in accordance with Art. 6 para. 1 et seq. GDPR. 

For the processing of personal data, we require your consent in accordance with Art. 6 para. 1 lit. a GDPR and Art. 31 para. 1 DSG.

The legal basis for the processing of personal data transmitted via email/phone is Art. 6 para. 1 lit. f GDPR and Art. 31 para. 2 lit. a DSG. If the email contact/phone contact aims at concluding a contract, an additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR and Art. 31 para. 2 lit. a DSG.

When contacting us via email or phone, the processing of personal data serves solely to process the contact request. The necessary legitimate interest in processing the data exists, as well as the customer's consent.

We process those personal data that are necessary to permanently, user-friendly, and securely carry out our activities and tasks. These include personal data falling into categories such as:

• Inventory and contact details;
• Browser data;
• Metadata;
• Usage data;
• Sales data;
• Contract and payment data;
• etc.

The personal data collected by us are primarily used for the conclusion and execution of contracts and the fulfillment of contractual obligations within the scope of our business relationship.

 

5. Disclosure of Personal Data to Third Parties

We may have third parties process personal data. We may jointly process or transmit personal data with third parties, particularly third-party providers whose services we utilize. We ensure data protection with such third parties.

In connection with the purposes listed in section 5, we primarily transmit your personal data to the following categories of recipients. If necessary, we obtain your consent for this.

• Subsidiaries of Lantal Textiles AG

• Sales agents

• Commissioned service providers in Switzerland and abroad: Our service providers in Switzerland and abroad, who process personal data on our behalf as independent or joint controllers or as our data processors, e.g. IT service providers. A data processor is a natural or legal person, authority, institution or other entity that processes personal data on behalf of the controller.

 

We mainly process and store personal data in Switzerland and the European Economic Area (EEA).

If a recipient is located in a country without adequate data protection, we contractually obligate the recipient to adhere to an adequate level of data protection unless they are already subject to a legally recognized framework for ensuring data protection. We may also disclose personal data to a country without adequate data protection without entering into a separate contract if we can rely on an exception provision. An exception may apply, in particular, in cases of foreign legal proceedings, significant public interests, or if the execution of a contract in your interest requires such disclosure, if you have consented, or if obtaining your consent within a reasonable period is not possible and disclosure is necessary to protect your life or physical integrity or that of a third party, or if the data are generally accessible and you have not objected to their processing. We may also rely on the exception for data from a legally provided register (e.g., commercial register) to which we have legitimately gained access.

6. Duration of Storage

Your personal data is processed and stored only for the period necessary to achieve the storage purpose (fulfillment of our contractual obligations) or as provided by the European legislator or the Swiss legislator in laws or regulations to which the controller is subject. The rules for the use and deletion of personal data processed in a specific contractual relationship are regulated in the respective contract.

Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose of their collection. For personal data transmitted by email, this is the case when the respective conversation with the data subject is terminated. The conversation is deemed terminated when it can be inferred from the circumstances that the matter at hand has been conclusively resolved.

7. Data Security

We implement appropriate organizational and technical security measures to safeguard the security of your personal data, protect them against unauthorized or unlawful processing, and counteract the risk of loss, accidental alteration, unintended disclosure, or unauthorized access. However, like all companies, we cannot completely eliminate data security breaches; certain residual risks are unavoidable. Technical security measures include data encryption and pseudonymization, logging, access restrictions, and the storage of backups. Organizational security measures include instructions to our employees, confidentiality agreements, and controls. We also obligate our processors to implement appropriate technical and organizational security measures. Email communication with you is encrypted when personal data or particularly sensitive personal data are involved.

8. Rights of Data Subjects

Under applicable data protection law, you have the right to request information at any time about whether personal data about you is being processed, and the right to request correction, deletion, or restriction of the processing of personal data about yourself, to object to the processing of personal data, and - where applicable - the right to receive personal data in a structured, commonly used, and machine-readable format for transmission to another controller (so-called "data portability"). You also have the option to revoke your consent.

Please note, however, that the above-mentioned rights may be denied or restricted due to legal and contractual retention obligations, our predominant interest (where we are entitled to rely on it), or if it serves to assert, exercise, or defend legal claims on our part. If there are any costs for you, we will inform you in advance. 

To exercise your rights, you can contact us at the address provided in section 2 of this privacy policy. The exercise of such rights generally requires clear proof of your identity (e.g., by providing a copy of your ID where your identity is not otherwise clear or verified).

9. Changes

We reserve the right to amend, supplement, or otherwise modify this privacy policy at any time and without stating reasons. The current privacy policy published on the website www.lantal.com shall apply. If the privacy policy is part of an agreement with you, we will inform you of any updates to the policy in an appropriate manner.

 

 

 

Version 2.1 dated May 21, 2024 probge