Data Protection Statement
Version dated 14. October 2018
This Data Protection Statement explains how we, temu studio AG, Glättlistrasse 6, 8048 Zurich, Switzerland (“we”, “us” or the like) collect and process personal data in connection with the operation and use of our website, our online portals (e.g. www.temu.studio) and associated applications.
The responsible and legally compliant handling of data is important to us. We comply at all times with applicable law, in particular Swiss data protection law and any applicable foreign data protection law, such as the EU European General Data Protection Regulation (EU-GDPR), according to whose standard this Data Protection Statement is based.
If you are acting on behalf of a company, we may assume that you are authorized to act on behalf of such company in connection with the acceptance of this Data Protection Statement (apparent authority), regardless of the internal regulations and/or circumstances of that company and entries in the commercial register and without further verification of such entitlement. When we refer to “you”, “your” or the like in this Data Protection Statement, this always also refers to the company on behalf of which you are acting and the employees of such company.
2. Collection and processing of personal data
Personal data means any information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, in particular its collection, storage, archiving, use, modification, disclosure and deletion.
We primarily process personal data that we receive from you or collect about you in connection with the operation and use of our website, our online portals and associated applications. The input of personal or business data on our website, our online portals and related applications is voluntary.
In addition to the personal data that you provide us directly (e.g. when ordering services, creating or updating a customer account, registering for a newsletter or using a contact or feedback form), the categories of personal data that we receive about you from third parties in particular include information from public registers (e.g. debt collection register or commercial register), credit information (if we conduct business with you), your interests and other socio-demographic data (for marketing purposes) as well as data in connection with the use of our website, our online portals and associated applications (e.g. IP address, MAC address, settings and other information about the device used, cookies, date and time of the visit, webpages and contents accessed, functions used, referring website, location details).
If you provide us with personal data of other persons (e.g. family members, work colleagues), you must ensure that these persons have agreed to such provision and have taken note of the contents of this Data Protection Statement.
3. Purpose of data processing and legal basis
We process personal data primarily for the following purposes:
- Administration of your customer account
- Conclusion and processing of contracts for services or products that you order on our website, our online portals or related applications
- Ensuring the operation of our website, our online portals and related applications
- Responding to inquiries you send us via contact and feedback forms on our website, our online portals or related applications
- Compliance with our legal obligations in Switzerland and abroad
In addition, we process personal data of you and other persons, to the extent permitted by law and where appropriate, also for the following purposes which are in our legitimate interest:
- Further development of our website, our online portals and related applications as well as of our offers and services
- Marketing (e.g. sending newsletters), provided that you have not objected to this use of your personal data
- Assertion of legal claims and defense in connection with legal disputes and official proceedings
We process personal data in accordance with Swiss data protection law and, where applicable, with the EU-GDPR. In relation to the EU-GDPR, we process personal data with the consent of the data subject (art. 6 para. 1 lit. a EU-GDPR), for the performance of a contract to which the data subject is party and for taking corresponding steps prior to entering into a contract (art. 6 para. 1 lit. b EU-GDPR), to comply with a legal obligation to which we are subject under any applicable EU law or under any applicable law of a country in which the EU-GDPR is wholly or partially applicable (art. 6 para. 1 lit. c EU-GDPR) and to protect the legitimate interests pursued by us or by third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Legitimate interests are in particular our business interests to operate our website, our online portals and associated applications, information security, the enforcement of our own legal claims and compliance with Swiss law (art. 6 para. 1 lit. f EU-GDPR).
If you have given us your consent to process your personal data for specific purposes (e.g. when registering for a newsletter), we will process your personal data within the scope of and based on this consent, unless we have another legal basis, provided that we require one. A given consent can be withdrawn at any time, but this does not affect data processed prior to such withdrawal.
4. Retention period for personal data
We process and retain your personal data as long as required for the purposes pursued with the processing or for the performance of our contractual obligations and compliance with legal obligations as well as beyond this duration in accordance with legal retention and documentation obligations.
Personal data may be retained for the period during which claims can be asserted against our company (e.g. in particular during the statutory limitation period) or insofar as we are otherwise legally obliged to do so or if legitimate business interests require further retention (e.g. for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized, to the extent possible. In the case of long-term retention obligations, we limit the processing as much as possible.
5. Transfer of personal data
Within the scope of the purposes stated in section 3 and our business activities, we disclose your personal data, to the extent permitted by law and where appropriate, to third parties in Switzerland and abroad, in particular to our service providers, suppliers and auxiliary persons (e.g. hosting providers, software suppliers, IT service providers, newsletter service providers, debt collection service providers, banks, legal advisors/counsels) as well as to authorities, official offices or courts.
If we transfer data to a country without adequate legal data protection, we ensure an appropriate level of protection as legally required by way of using appropriate contracts or we rely on the statutory exceptions, in particular the exceptions of consent, performance of contracts as well as the establishment, exercise or enforcement of legal claims.
6. Services of third parties
Google Maps, Google reCAPTCHA and YouTube:
7. Rights of data subjects
Persons about whom we process personal data have the right to request confirmation from us whether we process personal data and, if so, information about our processing of their personal data. Furthermore, data subjects may, if provided for under the data protection law applicable to them (in particular the EU-GDPR), restrict the processing of their personal data, exercise their right to data portability or have their personal data rectified, erased (“right to be forgotten”) or blocked, withdraw consents granted and object to the processing of their personal data. The exercise of the aforementioned rights usually requires that you clearly prove your identity. For this purpose, please send us a copy of your identification document if your identity is not otherwise clear or cannot be verified.
We reserve the right to enforce statutory restrictions on our part, for example if we are obliged to retain or process certain personal data, have an overriding interest (insofar as we may invoke such interest) or need the data for asserting claims. Please note that the exercise of the aforementioned rights may be in conflict with contractual agreements between you and us (e.g. on the provision of services that you have ordered via our website or our online portals) and that this may result in consequences such as premature contract termination or costs. If this is the case, we will inform you in advance.
In addition, persons about whom we process personal data have the right to enforce their rights in court or to lodge a complaint with the competent data protection authority. The data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). Information on the FDPIC can be found under the following link:
Data subjects and supervisory authorities can contact us by e-mail or by letter at the addresses listed in section 8.
The “controller” of the data processing as described in this Data Protection Statement is temu studio AG. In case of any data protection related concerns, you can contact our data protection officer (art. 37 EU-GDPR) by e-mail or by letter as follows:
9. Data security
We take appropriate technical and organizational security precautions to protect your personal data from unauthorized access and misuse (e.g. encryption of data media and data transmissions, access restrictions). The access to our website, our online portals and associated applications is via SSL/TLS encryption.
We may amend this Data Protection Statement at any time without prior notice. The current version published on this website or this online portal applies.
Partially based on DSAT.ch