URMA Privacy Policy
This privacy policy was published on 1 September 2023. You can view the previous versions here.
We at URMA AG are delighted that you have chosen to visit our website and that you are interested in our company. We are obliged to protect your data in accordance with the EU General Data Protection Regulation (GDPR) 2016/679 of 27 April 2016 and with the Swiss Data Protection Act (DSG) of 1 September 2023 and to observe the provisions of that legislation. This privacy policy explains when and why we collect personal data, how we use it, the circumstances under which we disclose it to other people and how we protect the data. This privacy policy applies to the use of our website www.urma.ch, http://www.urma.ch/shop, to our sales and marketing activities and to fulfilment of customer contracts. It also applies to individuals who apply for a job at URMA.
Data controller
Urma AG
Obermatt 3
5102 Rupperswil, Switzerland
Email: info@urma.ch
Telefon: +41 62 889 20 20
Data protection officer
Data protection officer
Obermatt 3
5102 Rupperswil, Switzerland
Email: privacy@urma.ch
Telefon: +41 62 889 20 20
Data collection and processing: When and how is your data collected and processed?
- When you use our products and provide us with your personal data.
- When you interact with us in person by correspondence, telephone, social media or our website. This is also the case if you communicate with us as a representative of a company, e.g. to conclude a contract with URMA, to request support or ask us other questions. Please note that we do not transfer personal data from social media and do not process personal data in any other way outside the social media platform.
- If we collect personal data from other legitimate sources, such as data aggregators of third-party providers, service providers, business partners, companies in the group, credit agencies, public sources of social networks. We use this data only if you have given your consent for your personal data to be shared with others (opt-in).
- We may collect personal data if this is regarded as a legitimate interest and that interest does not conflict with your data protection interests. Before each instance of data collection, an assessment is drawn up to ensure that it is in your and URMA's mutual interest.
Purpose of data collection and use of personal information
We collect and use personal data primarily to carry out direct sales and direct marketing and to provide customer service. We also collect data about suppliers, partner firms, applicants and employees of our company.
We may use your information for the following purposes:
- To send you marketing information which you have requested This may include information about our products and services, events, activities and advertising promotions for our products and services and those of our associated partners. This type of communication is based on a subscription and requires your consent.
- You receive interest-based subscriptions by default, but you can choose to cancel the subscription at any time.
- To send you information about the products and services that you have purchased from us.
- To carry out direct sales activities if there are legitimate and mutual interests.
- To send you details of the content and event location for webinars or events for which you have registered.
- To respond to a request for us to contact you and other web forms (e.g. for downloading a white paper) that you have completed on one of the URMA web pages. As soon as you complete and submit a form, we will track your activities on our website so that we can make personal contact with you in this connection.
- To process incoming enquiries (customer support, emails and telephone calls).
- To give your access to the URMA website.
- To fulfil contractual obligations, such as order confirmations, invoices, reminders, etc. The contract may be concluded directly with URMA or with a partner of URMA.
- To notify you of any disruptions to our services (system messages).
- To contact you about taking part in surveys of your opinion about our products and services.
- For recruitment and processing of applications.
The legal basis for our collection of personal data
Collection of personal data on the basis of your consent
Collection of personal data based on the consent of the data subject is carried out using "consent forms" which store documentation of the individual's consent. Consent from individuals is always stored and documented in our systems. We may send digital marketing materials, such as the newsletter, by email to people who have given their consent.
Collection of personal data on the basis of contracts
We use personal data to fulfil our obligations in relation to contracts and agreements with customers, partners and suppliers.
Collection of personal data on the basis of legitimate interests
We can use personal data if it is regarded as being in our legitimate interest and that interest is not overridden by the data protection interests of the data subjects. An assessment is usually made to determine a legal basis for data collection, in which a mutual interest is identified for URMA and the individual. This legal basis relates primarily to our sales and marketing purposes and we may send information about products and services to our customers on the basis of that legitimate interest. We always notify individuals of their data protection rights and the purpose of the collection of personal data.
Type of personal data collected
In addition to the name and contact details of your company, we also collect your name, telephone number, function and email address. If you are a representative of a company, we process your personal contact details in combination with those of your company. On conclusion of a contract with URMA, the signature may take electronic form and involve processing of your personal data. We may also collect feedback, comments and questions submitted by you in service-related communications and activities, such as meetings, telephone calls, documents and emails. We may collect the IP address and the activities you carry out on the site via our web pages.
If you apply for a job with URMA, we collect the data that you provide to us during the application process
URMA does not collect and process any special categories of personal data, such as public unique identifiers or sensitive personal data.
Data storage
We store your personal data for as long as we consider necessary to fulfil the purpose for which the personal data was collected, while we also take account of the necessity for us to answer your enquiries or clarify potential problems, to comply with the requirements of applicable law, to deal with all legal claims/complaints and for backup purposes.
This means that we may store your personal data for an appropriate period after your last interaction with us. When the personal data we have collected is no longer required, we will erase it in a secure way. We may process data for statistical purposes. In those cases, however, the data is anonymised.
Your rights in relation to your personal data
You have the following rights in relation to your personal data:
they include the right to information, the right to rectification of incorrect data and a right to object.
All enquiries about your data protection rights should be directed to privacy@urma.ch.
Is personal data sent abroad?
Yes, that is a possibility. Data may be stored in the EEA (European Economic Area) and exceptionally in any other country in the world (conceivable, in particular, for online services that URMA uses). If the country concerned does not have adequate data protection, we conclude standard EU contractual clauses; in certain cases, however, we may base this on consent or send data abroad because it is necessary to process a contract, if your data has been published or it is necessary for legal proceedings abroad.
Use of cookies
We use cookies to collect information while you are browsing the company's website. Information about browsing the website includes standard information about your web browser, such as browser type and browser language, your internet protocol (IP) address and the actions that you carry out on the company's website, for example, the pages you access and the links you click.
This information is used to optimise the website and also to provide business and marketing information for website owners and for collecting personal information such as browser type and browser system, referrer URL, path through the website, ISP domain, etc. This should improve our understanding of how visitors use a website. Cookies and similar technologies help us to tailor our website to your personal needs and to detect and prevent security threats and misuse
If you wish to withdraw your consent to cookies on our website, you can open your web browser and disable them.
Tracking: URMA uses a range of marketing tools to provide visitors to our website with a better customer experience. They make it possible for us to analyse collected data such as visitor clicks, in order to determine which pages are most effective. However, by using these marketing tools, UMRA does not use any personal data that can be traced back to you. We use Google Analytics 4 as a third-party provider: Privacy policy.
Remarketing: URMA uses tracking cookies for remarketing and conversion pixels from Google, LinkedIn and Facebook to provide you with special offers for our products and services via the Google Content Network and social networks. This may mean that, after visiting our website, you will see an advertisement for one of our products or services on other websites. In addition, URMA creates tailor-made target groups based on emails from subscribers and customers to present special offers for our products and services via social media and the Google Content Network. URMA does not, however, use your personal data when using remarketing services, except to provide you with special offers. When using remarketing, some items of personal data, which identify the user, such as the name, email and/or telephone number, may be transmitted to the provider of the advertising or a social media network (such as Facebook). URMA uses retargeting to exclude some individuals from retargeting (e.g. existing customers of URMA) and to include others (e.g. potential new customers of URMA).
We use the following third-party providers for remarketing (further information can be found under "Use of subcontractors"):
Facebook: Opt-out von Facebook-Remarketing
Google: Opt-out von Google Remarketing
LinkedIn: Opt-out von LinkedIn-Remarketing
You will find further information about managing cookies in your browser here: https://www.cookiebot.com/en/swiss-fadp/
Online presence on social media
We have an online presence on social networks and platforms (social media accounts). We regularly post and share content, offers and product recommendations on our social media accounts.
Scope of processing
For every interaction on our social media accounts, the operator of the social network in question automatically collects and stores your personal data for market research and advertising purposes. It cannot be ruled out in this context that the data collected may also be processed outside the European Union (EU). Among other things, this may mean that it is more difficult to assert rights as a data subject. So-called user profiles are created from the collected data using pseudonyms. These may be used, for example, to place advertising on and outside the social networks which appears to correspond to your interests. Cookies and similar technologies that record your user behaviour are stored on your end device for this purpose.
As a matter of principle, we collect all messages, content and other information that you communicate to us when visiting our social media accounts, such as posting something on our accounts or sending us private messages. If you have an account with the social network in question, we can also view your public information, such as your username, information in your public profile and content that you have shared with a public target group.
The type, scope and purposes of processing of your personal data on social networks is determined primarily by the operators of the social networks. Further information about data processing by each provider and your rights and setting options to protect your privacy can be found in the privacy policy of the provider in question:
- Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland) https://www.facebook.com/about/privacy/
- LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) https://www.linkedin.com/legal/privacy-policy
- Xing (XING AG, Dammtorstrasse 29-32, 20354 Hamburg), https://privacy.xing.com/en/privacy-policy
Sharing data with the media
We do not share, sell, lease or trade in your information in relation to third parties without your consent, with the following exceptions:
Third-party providers of services operating in our name: We may pass on your information to our suppliers, employees, subcontractors and other affiliated organisations so that they can provide services to you in our name.
Third-party providers of products with whom we collaborate: We work closely with various third-party providers of products to ensure that we can offer you a range of products and services designed to meet your broad needs. If you have a query about one or more of these products and services or you make a purchase, the relevant third-party provider will use your details to provide you with information or to fulfil their obligations under all the contracts that you conclude with them. These third-party providers of products and services will share your information with us and we will use the data in accordance with this privacy policy.
If prescribed by law: We will disclose your personal information if it is a legal requirement to do so or if we, as a company, have a legitimate reason to assume that disclosure is important to protect the rights of our company and/or to comply with legal proceedings, a court order or other legal action. However, we will do everything in our power to ensure that your data protection rights are upheld.
Use of subcontractors (processors and sub-processors)
We may commission subcontractors to process personal data on our behalf. We are responsible for ensuring that the subcontractors undertake to comply with this privacy policy and the applicable data protection regulations by requiring them to sign a commissioned data processing agreement (DPA).
If the subcontractor processes personal data outside the EU/EEA, such processing must be in accordance with the EU Privacy Shield Framework, the EU standard contractual clauses for transmission to third countries or another legal basis for the transmission of personal data to third countries explicitly specified.
Responsibility for external content
Our website includes links to the websites of external providers. We have no control over the content or processing of data and do not monitor whether other providers comply with the applicable data protection provisions. If you believe that linked external sites are breaching applicable law or otherwise displaying inappropriate content, please notify us accordingly. We will verify the information you provide and remove the external link if appropriate. We are not responsible for the content or availability of linked external websites.
Amendments to this privacy policy
URMA reserves the right to amend this privacy policy at any time. You will always find the latest version on our website. We ask you to check this privacy policy regularly to ensure that you agree to any amendments.
If we make amendments that change our data protection practices significantly, we will notify you of the amendment by email before it comes into force, or we will publish a notification on our website.
Your right to lodge a complaint with a supervisory authority
If you are unhappy with the way in which your personal data is processed, you can contact privacy@urma.ch in the first instance.
If you have further legal questions, you can go directly to your national supervisory authority. You can contact the Swiss supervisory authority at:
- Switzerland: Federal Data Protection and Information Commissioner (Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter (EDÖB)) www.edoeb.admin.ch