Privacy Policy

Privacy Policy of FM Verzollung

With this Privacy Policy, we inform you which personal data we process in connection with our activities and operations, including our Website. We provide information on what, how and where we process which personal data. We also provide information about the rights of people whose data we process.

Additional data protection statements and other legal documents such as General Terms and Conditions (GTC), terms of use or subscriber conditions may apply to individual or additional activities and operations.

We are subject to Swiss data protection law and any applicable foreign data protection law, such as that of the European Union (EU) with the General Data Protection Regulation (GDPR). The European Commission recognizes that Swiss data protection law guarantees adequate data protection.

1. Contact Information

Responsibility for processing personal data:

Vincenzo Tallarico
FM Verzollung
PostLogistics AG
Via Maestri Comacini 7
CH-6830 Chiasso 

We would like to point out if there are other persons responsible for processing personal data in individual cases.

2. Terms and legal bases

2.1. Terms

Personal data refers to all information relating to an identified or identifiable person. A data subject is a person through whom personal data is processed.

Processing includes all handling of personal data, regardless of the means used and the procedure, and in particular the storage, disclosure, acquisition, collection, deletion, saving, alteration, destruction and use of personal data.

2.2. Legal Bases

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).

Where and to the extent that the General Data Protection Regulation (GDPR) is applicable, we process personal data in accordance with at least one of the following legal bases:

  • Art. 6 para. 1 letter b GDPR for the processing of personal data required to fulfil a contract with the data subject and to implement pre-contractual measures.
  • Art. 6 para. 1 letter f GDPR for the processing of personal data required to protect the legitimate inter-ests of us or third parties, provided that the fundamental freedoms and fundamental rights and inter-ests of the data subject do not override these rights. In particular, legitimate interests are our interest in being able to exercise and communicate about our activities and operations on a long-term, user-friendly, secure and reliable basis, to guarantee information security, to protect against misuse, to en-force our own legal claims and to comply with Swiss law.
  • Art. 6 para. 1 letter c GDPR for the processing of personal data required to fulfil a legal obligation to which we are subject in accordance with any applicable law of Member States in the European Eco-nomic Area (EEA).
  • Art. 6 para. 1 letter e GDPR for the processing of personal data required to perform a task which is in the public interest.
  • Art. 6 para. 1 letter a GDPR for the processing of personal data with the consent of the data subject.
  • Art. 6 para. 1 letter d GDPR on the processing of personal data required to protect the vital interests of the data subject or another natural person.

3. Type, scope and purpose

We process all personal data that is necessary to carry out our activities and operations in a way that is sustainable, customer-friendly, secure and reliable. Such personal data may include the following cate-gories in particular: master and contact data, browser and device data, content data, metadata or boundary data and usage data, location data, sales data, contract and payment data.

We process personal data for the duration required for the relevant purpose, purpose or law. Personal data that no longer needs to be processed is anonymized or deleted.

We may have personal data processed by third parties. We may process personal data with third par-ties or pass it on to third parties. These third parties are, in particular, specialized providers whose ser-vices we use. We also guarantee data protection for these third parties.

We only process personal data with the consent of the data subject, unless the processing is permitted for other legal reasons. Processing without consent can be authorized, for example, for the fulfilment of the contract with the data subject and for corresponding pre-contractual measures to protect our over-riding legitimate interests, because the processing can be seen in the circumstances or after prior noti-fication.

We process data that a data subject voluntarily transfers to us upon making contact – for example, by letter, e-mail, chat, contact form, social media or telephone – or when registering for a user account. We can record this data in an address book or similar tools, for example. If we receive data about other people, they are obliged to maintain data protection vis-à-vis them and to ensure the accuracy of this personal data.

We also process personal data received from third parties, obtained from publicly accessible sources, or processed in the course of our activities and operations, to the extent permitted by law.

4. Personal data abroad

We process personal data in Switzerland and in the European Economic Area (EEA). However, we may also export or transfer personal data to other countries, in particular for processing or processing.

We can export personal data to all countries of the world provided that the law there – in accordance with a resolution of the Swiss Federal Council – guarantees adequate data protection and – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – adequate data protection in accordance with a resolution of the European Commission. We currently disclose personal data to the following countries: France, Italy, Germany, Austria, the Benelux countries and the UK.

We may transfer personal data to states whose law does not guarantee adequate data protection, pro-vided that data protection is guaranteed for other reasons, in particular on the basis of standard data protection clauses or with other suitable guarantees. As an exception, we may export personal data to countries that do not have adequate or appropriate data protection regulations, provided that the spe-cial requirements of data protection law are met for this purpose, such as the explicit consent of the data subjects or a direct link with the conclusion or execution of a contract. We will be happy to provide the persons concerned with information about any guarantees or provide a copy of any guarantees.

5. Rights of data subjects

Data subjects, through whom we process personal data, have the rights under Swiss data protection law. This includes the right to information and the right to have the personal data processed corrected, deleted or blocked.

Data subjects whose personal data we process can – insofar as and insofar as the General Data Protec-tion Regulation (GDPR) is applicable – request confirmation free of charge as to whether we are pro-cessing their personal data. In this case, data subjects may request information about the processing of their personal data, have the processing of their personal data restricted, exercise their right to data portability and correct, delete (“right to be forgotten”), block or have their personal data completed.

Data subjects whose personal data we process may – insofar as and to the extent to which the GDPR is applicable – revoke their consent at any time with future effect and object to the processing of their personal data at any time.

Data subjects, through whom we process personal data, have a right of complaint with a competent supervisory authority. The Swiss supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). A list of authorities in the EEA can be found here:

6. Data security

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. However, we cannot guarantee absolute data security.

Access to our website is via transport encryption (SSL / TLS, in particular with the Hypertext Transfer Protocol Secure, or HTTPS). Most browsers feature transport encryption with a padlock in the address bar.

7. Use of the website

7.1. Cookies

Cookies – our own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) – are data that is stored in the browser. Such stored data need not be restricted to traditional cookies in text form.

Cookies can be temporarily stored in the browser as “session cookies” or as “permanent cookies” for a certain period of time. Session cookies are automatically deleted when the browser is closed. Perma-nent cookies have a specific storage period. In particular, cookies enable you to recognize a browser the next time you visit our website, enabling you to measure the reach of our website, for example. Perma-nent cookies can also be used for online marketing, for example.

Cookies can be fully or partially deactivated and deleted at any time in the browser settings. Without cookies, our website may no longer be fully available.

7.2. Server log files

For each access to our website, we may collect the following information, provided it is transmitted to our server infrastructure by your browser or can be determined by our web server: date and time includ-ing time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system includ-ing user interface and version, browser including language and version, retrieved individual sub-page of our website including the amount of data transferred, most recently in the same browser­ page ac-cessed (referrer).

We save such information, which can also display personal data, in server log files. The information is required to make our website permanent, user-friendly and reliable, and to ensure data security and, in particular, the protection of personal data – including by third parties or with the help of third parties.

8. Services of third parties

We use the services of specialized third parties to carry out our our activities and operations in a last-ing, user-friendly, secure and reliable manner. These services allow us to embed functions and content into our website. In this case, the services used record the Internet Protocol (IP) addresses of the users at least temporarily for technically imperative reasons.

For the necessary security-related, statistical and technical purposes, third parties whose services we use may process data in connection with our activities and operations in an aggregated, anonymized or pseudonymized form. This relates to, for example, service or usage data in order to be able to offer the relevant service.

We use, in particular:

  • Services provided by Google: providers: google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and in Switzerland; General Data Protection Information: “Principles of data protection and security”, Privacy Policy, “Google is obliged to comply with the applicable data protection laws”, “Guidelines on data protection in Google products”, “How we use data from websites or apps on or in which our services are used” (details from Google), “Cookie types and other technologies used by Google”, “Personalized advertising” (activation/deactivation/settings).
  • Services of Microsoft: providers: Microsoft Corporation (USA) / Microsoft Ireland Operations Limited (Ireland) for users in the European Economic Area (EEA), the United Kingdom and Switzerland; General data protection information: “Data protection at Microsoft”, “Data protection (trust center)”, Privacy Policy.

8.1. Digital infrastructure

We use services from specialized third parties to access the digital infrastructure we require in relation to our our activities and operations. This includes, for example, hosting and storage services from selected providers. 

We use, in particular:

• Hostpoint: hosting; provider: hostpoint AG (Switzerland); data protection details: Privacy Policy.

8.2. Audio and video conferences

We use specialized audio and video conferencing services to communicate online. For example, we can hold virtual meetings or hold online lessons and webinars. The legal texts of the individual services, such as data protection statements and terms of use, also apply to participation in audio and video conferences. 

We use, in particular:

  • Microsoft Teams: platform for audio and video conferences, among others; provider: Microsoft; Teams-specific details: (Privacy and Microsoft Teams).

8.3. Maps

We use third-party services to embed cards on our website. 
In particular, we use:

• Google Maps including Google Maps platform: map service; provider: google; Google Maps-specific details: "How Google Uses Location Information."

9. Final provisions

We have created this Privacy Policy with the data protection generator of the data protection partner.
We may amend and supplement this Privacy Policy at any time. We will inform you about such amendments and additions in an appropriate form, in particular by publishing the current privacy policy on our website.