1.Scope of application
We undertake to handle your personal data in a responsible manner. We accordingly consider it a matter of course to comply with the legal requirements of the Swiss Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (DPO), the Telecommunications Act (TCA) and other provisions of Swiss data protection law. Regarding personal data of users from the European Union, we also comply with the provisions of the EU General Data Protection Regulation (GDPR).
While you visit the Provenance Proof website or are forwarded to our website, your personal data will be collected and used by us to the following extent and for the following purposes:
2. Description and scope of data processing
2.1. Provision of the website and creation of log files
Each time the Provenance Proof website is visited, our system automatically records data and information from the computer system of the computer from which the site is visited. In particular, the following data are collected, technically anonymised in each case:
The data are also stored in the log files of our system or third parties. No storage of these data together with other personal data of the user takes place.
2.3. Sign up
On our website, we offer users the opportunity to sign up for an account by providing personal data. The data you enter into an input screen are transmitted to us and stored. As part of a know your customer (KYC) process, this data may be forwarded to a third party for verification. The processing of this data including the forwarding to a third party qualifies as legitimate interest pursued by Provenance Proof.
2.4. Personal data entered into the Blockchain
2.5 Contact form and e-mail contact
Alternatively, you can contact us via the e-mail address provided. In this case, the user’s personal data transferred by e-mail or the personal data in accordance with the input screen will be stored. E-mail traffic is not encrypted. The risk remains with the user.
No data are forwarded to third parties in this connection. The data will be used exclusively for processing the conversation or for on-site consultation.
3. Cookies/tracking and other technologies relating to the use of our website
3.1. Provision of the website and creation of log files
We use session cookies to recognise that you have already visited individual pages on our website or that you have already logged into your customer account. These are automatically deleted when you exit our website. Moreover, for the purpose of user friendliness, we use temporary cookies which are stored on your device for a set period of time. If you visit our website again to make use of our services, it will automatically recognise that you have already been there and what settings and inputs you have made so you do not have to re-enter them.
By using our website and consenting to receive newsletters and other marketing e-mails, you consent to the use of these technologies. If you do not want this, you must adjust your browser or e-mail program accordingly.
3.2 Google Analytics and other statistical services
3.3 Social media
4. Purpose and legal basis of data processing
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Swiss Data Protection Act (FADP).
4.1. For the fulfilment of contractual obligations
Data are processed for the performance of our contracts with our customers or for the performance of pre-contractual measures in response to an enquiry. The purposes of data processing are geared primarily to the specific product or service provided by us. The personal data collected in this way will be used for the entire processing of your use of the Provenance Proof services, including any subsequent warranty claims, technical administration, etc.
4.2 For the balancing of interests
Where necessary we process your data above and beyond the actual fulfilment of the contract in order to uphold our own legitimate interests or those of third parties. Examples:
4.3. On the basis of legal requirements or in the public interest
We as a company are also subject to various legal obligations in which connection we are obliged to process and store your data.
5. Retention of your personal data
We only store your data for as long as is necessary to use the tracking services in our legitimate interest and to perform the services you have requested or consented to.
We process and store your data for as long as this is necessary for the fulfilment of our contractual and statutory obligations. Please note that according to the law certain data have to be retained for a specific period of time. We block these data in our system and only use them for the fulfilment of legal requirements.
6. Disclosing data to third parties
7. Transmitting personal data abroad
We are entitled to forward your data to third-party companies abroad if this is necessary for the execution of your orders, legally permissible or you have granted us your consent. If the data protection level in a country is considered inadequate compared with Swiss standards and/or the EU General Data Protection Regulation, we ensure by way of contract that your personal data are at all times protected in accordance with Swiss guidelines and/or the EU General Data Protection Regulation.
We deploy adequate technical and organisational security measures that we deem appropriate to protect your data stored by us against manipulation, partial or full loss and unauthorised third-party access. Our security measures are constantly adjusted in line with technological developments. Personal data are transmitted in encrypted form. Absolute protection cannot be guaranteed, but the Provenance Proof website and other systems are protected by technical and organisational measures against loss, destruction, access, alteration or processing of personal data. We also take our own internal data protection very seriously. Our employees and the service providers commissioned by us are sworn to secrecy and compliance with the statutory data protection provisions. They are furthermore only granted access to personal data to the extent that is necessary.
9. Options and rights of data subjects
When using the Provenance Proof website, you have several options. You may choose not to provide any personal data at all by not filling out any such forms or data fields on our website and by not using any of the available personalised services. If you choose to provide personal data, you have a right to access, correct, restrict, delete, transfer and object with regard to your personal data to the extent applicable by law.
9.1. Right to information
You can request confirmation from Provenance Proof as to whether personal data concerning you are processed by us.
If such processing exists, you can request the following information from Provenance Proof:
You have the right to request information about whether the personal data concerning you are transmitted to a third-party country or to an international organisation. In this connection you can request to be informed about the suitable guarantees in connection with such transmission.
You acknowledge and agree to the fact that data entered into the Provenance Proof Blockchain may not be corrected or completed or fully deleted due to the technical characteristics of the blockchain technology (e.g. immutability and durability).
9.2. Right of correction
You have a right to correction and/or completion vis-à-vis the controller to the extent that the processed personal data concerning you are incorrect or incomplete. Provenance Proof must make the correction immediately.
9.3. Right to restriction of processing
You can request the restriction of processing of the personal data concerning you under the following conditions, if
9.4. Right to deletion
You can request from Provenance Proof that the personal data concerning you are immediately deleted and the controller will be obliged to delete such data immediately if one of the following reasons applies:
If you should have any questions or wish Gübelin Gem Lab Ltd. to change or delete your profile, please inform us of this in writing (by post) at the following address:
9.5. Right to data portability
You have the right to receive personal data concerning you that you have made available to the controller in a structured, current and machine-readable format. You also have the right to transmit these data to another data controller without obstruction from Provenance Proof to whom the personal data have been made available if
9.6. Right of objection
You have the right for reasons relating to your particular situation to file an objection at any time to the processing of the personal data concerning you.Provenance Proof will no longer process the personal data concerning you unless it is able to provide evidence of compelling legitimate grounds for such processing that outweigh your interests, rights and freedoms or such processing serves the assertion, exercise or defence of legal claims.
9.7. Right to revocation of declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the legality of processing carried out on the basis of consent up to the time of revocation.
10. Contact address
If you wish to contact us regarding our use of your personal data or to object to the processing of your personal data, please send an e-mail to firstname.lastname@example.org contact us by post at the following address: Gübelin Gem Lab Ltd., Maihofstrasse 102, 6006 Lucerne, Switzerland. Should you wish to contact us, you should specify the precise data you wish us to correct, update or delete for you. Please enclose an appropriate identification of yourself. Requests for the deletion of personal data are subject to all legal and ethical reporting, archiving or retention obligations applicable to us.
11. Information for children and parents
This website is intended for adult users. It is forbidden for minors, in particular children under the age of 13, to transmit personal data about themselves to us or to register for a service. If we discover that such data have been transmitted to us, they will be deleted from our database. The parent (or legal guardian) of the child may contact us and request deletion or unsubscription. For this purpose we require a copy of an official document that identifies you as a parent or guardian.