Privacy policy
Our website address is: https://carico.coffee
CARICO Café and Librairie Milne (distributer in Switzerland) take the protection of personal data seriously. For this reason, we would like to provide users of our online service with information on which data we store and how we use it.
This privacy policy is aligned with the EU General Data Protection Regulation (GDPR). Although the GDPR is a regulation for the European Union, it is also important for us. The Swiss Federal Data Protection Act (FADP) is heavily influenced by EU law. Since we also provide some of our services to customers outside of Switzerland, we follow the EU standard.
We are not permitted to use your data for any purposes other than those stated here or permitted by law.
Responsible Person
Unless otherwise stated in individual cases, Caritas Switzerland is responsible for the forms of data processing described here. If you have any queries about data protection law, you can contact us as follows:
Librairie Milne, chemin des Ruches 3, 1296 Coppet, Suisse
We do not forward your personal data
We will not forward your data to third parties. We work with external service providers for particular tasks, for example, putting addresses on shipments. These service providers are obliged to comply fully with data protection regulations, are not permitted to use your data for any other purposes whatsoever and must delete it after 30 days. Your address details may be transferred to CRIF Ltd. in Zurich for the purpose of updating your postal address, for example if you move house. This helps us to prevent mail being returned and reduces unnecessary postage costs. You can find more detailed information at: www.mycrifdata.ch/#/dsg. All Caritas Switzerland employees who handle your data are obliged to comply with data protection regulations.
Use of Data
We will not misuse any data that you provide to us about yourself. In order to send you a newsletter you are subscribed to, respond to your queries, process your donations, ensure your participation in petitions, campaign promotions or competitions or complete your order in the online shop, we require some information from you. We will use the information that you provide via a form on the website or by other means to achieve these ends and process the resulting communication. If you make a donation via our website, we will notify you about some of Caritas Switzerland’s ongoing projects.
Just like any online provider, we collect user data in order to optimise our service. We collect and store information in such a way that it is not personally identifiable. We therefore cannot check which user has accessed which data. In particular, we do not collect any names, postal addresses, telephone numbers or e-mail addresses when you visit our website, nor any details about your personal interests or donations.
If you have given us consent to process your personal data for particular purposes (for example when you subscribe to newsletters), we will process your personal data on the basis of this consent. You can revoke your consent at any time.
Right to rectification, blocking and to be informed
If you send a written request to Caritas Switzerland, we will inform you about the data we have stored about you. When requesting this data, please send us your full name, e-mail address and a copy of an official identification document (ID card, passport). This is necessary to prevent any unauthorised persons gaining access to your data. You may exercise the rights indicated above with regard to the data stored about you.
Furthermore, every data subject is entitled to assert their claims in court or file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch/edoeb/en/home.html).
Use of cookies
We use cookies during your visit to our webpages. Cookies are small text files that are stored on your computer permanently or temporarily when you visit this website. The purpose of the cookies is, in particular, to analyse the use of the website for statistical evaluation and continuous improvement. You can partially or entirely disable cookies in your browser settings at any time. If you disable them, you may no longer have access to all of the features on the website.
We occasionally use Google Analytics or similar services on our website. This is a service provided by third parties that may be located in any country in the world (in the case of Google Analytics, it is Google LLC in the USA, www.google.com), which allows us to measure and evaluate the use of the website (in such a way that it is not personally identifiable). For this purpose, we also use permanent cookies set by the service provider. The service provider will not receive any personal data from us or retain any IP addresses. It may, however, track your use of the website, combine this information with data from other websites you have visited that are also tracked by the service provider, and use these findings for its own purposes (for example, managing advertising). If you have registered with the service provider yourself, it will also know you. In this case, the service provider is responsible for processing your personal data in accordance with its own data protection provisions. The service provider will only tell us how our respective website is being used. We will not receive any information that identifies you personally.
Elements from other providers on our website
We use services from other providers on our websites and mobile applications. For example, videos are embedded via the YouTube platform. Content may be shared or recommended via Facebook, Twitter or Google+. Clicking an element from one of these third party providers (e.g. the “Like” plug-in from Facebook), may automatically connect you to this third-party provider’s servers. Data relating to your visit to the website may then be transferred to the third-party provider and possibly associated with the user account you have created with them. You can find out how these platforms collect and use data in their respective privacy policies, where you will also be given the option to adjust the settings to restrict the use of your personal data.
Secure data transfer
All data that you provide to us on our website, when ordering a newsletter or making contact enquiries, is transferred to us via a secure connection in encrypted form. We use a state-of-the-art security procedure (SSL Secure Sockets Layer) to do this.
Liability for links
We also place links on our website to external services that we think you might like. Of course, we only provide links to pages that did not appear to contain any misleading or illegal content when the link was created. We have no control over the way these pages will be set up in future, however. We cannot therefore be held responsible for recommended pages that have been changed after the link was created. Liability for illegal, incorrect or incomplete content and, in particular, for any damage or loss suffered as a result of using this information lies solely with the provider of the page in question.
Newsletter
If you subscribe to one of the newsletters we offer, we will use your data exclusively to send our newsletter as it is defined when you subscribe. You only need to provide your e-mail address to subscribe to our newsletter. You subscribe to newsletters via what is known as a double opt-in procedure. After subscribing, you will receive an e-mail prompting you to confirm your subscription. This confirmation is necessary to prevent anybody from subscribing with unauthorised e-mail addresses. Subscriptions or changes to newsletter subscriptions are recorded and are therefore traceable.
If you provide any more personal information when you subscribe, we will check it against our own address database to ensure that the addresses are fully up to date and of sufficient quality, thus optimising our communication with you. We will treat your newsletter data as strictly confidential and will not forward or sell it to third parties. We work closely with our Internet and newsletter providers to provide maximum protection for your data from unauthorised access, loss, misuse or forgery. Please do not forward your newsletter as this may also send a means of accessing your personal information. To forward the newsletter, please use the “Forward message” function integrated into every newsletter or the URL for the online version of the newsletter.
Newsletters are sent using MailChimp, a newsletter distribution platform offered by the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. Our newsletter recipients’ e-mail addresses and any other data they provide are stored on the MailChimp servers in the USA. MailChimp uses this information for the purposes of distributing and analysing the newsletter on our behalf. According to MailChimp’s own information, it may also use this data to enhance or improve its own service, for example, to optimise the distribution and presentation of the newsletter from a technical perspective or for commercial purposes. However, MailChimp does not use our newsletter recipients’ individual data to communicate with them itself, nor does it forward the data to third parties.
MailChimp is certified under the EU-US “Privacy Shield” data protection agreement and is therefore obliged to comply with EU data protection regulations (https://www.privacyshield.gov).
Retention period for personal data
We process and store your personal data for the duration of the business relationship and in accordance with the statutory retention and documentation requirements. Data may therefore be retained for the period in which claims can be asserted against our company (including, in particular, during the statutory limitation period) and to the extent that we are otherwise required to do so by law or it is required by legitimate business interests (for example for evidence or documentation purposes). As soon as your personal data is no longer required for the aforementioned purposes, it will be deactivated and will no longer be used. For operational data (for example system records, logs), shorter retention periods of up to twelve months apply as a basic principle.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Obligation to provide personal data
As part of our business relationship, you are invited to provide the personal data that is required to enter into and conduct a business relationship and fulfil the associated contractual obligations. Generally speaking, you are not legally required to provide data to us. Without this data, we will usually be unable to conclude or process a contract with you (or the body or person you are representing). The website cannot be used either if certain details designed to secure data traffic (such as your IP address) are not disclosed.
Changes
We may adjust this privacy policy at any time without giving notice. The current version published on our website shall apply. If the privacy policy forms part of an agreement with you, we will notify you of any changes made as part of an update via e-mail or another appropriate method.