Data Protection Note


This Privacy Policy was created in accordance with the applicable data protection laws, in particular the EU data protection basic regulation (GDPR) and the Swiss data protection law (SR 235.1, DSG).
This Privacy Policy applies to all areas of CONICA AG, Industriestrasse 26, 8207 Schaffhausen / Switzerland.
The privacy policy is updated, if necessary, and published on our homepage (

Policy / Principles

The protection of personal data is important to us. Therefore, we process the personal data of our employees, interested parties (e.g. website visitors), suppliers, customers and business partners in accordance with the applicable legal provisions on the protection of personal data and data security.

1. Responsible data owner

Accountable for the collection, processing and use of personal data within the meaning of the Swiss Federal Data Protection Act and other data protection regulations is:

Industriestrasse 26
8207 Schaffhausen
+41 (0) 52 644 36 00

Represented in the EU by:
Serafin 3. Beteiligungsgesellschaft mbH
Löwengrube 18
80333 München

If you have any questions or suggestions regarding data protection, please contact company’s representative by e-mail:

2. Collection, processing and use of personal data (which sources and data do we use)

Personal data is only collected if you provide it to us on your own initiative, e.g. within the framework of a registration by filling out a form or by sending e-mails, within the framework of ordering products or services, enquiries or requests for material, within the framework of the initiation phase of or during business relationships and in contractual relationships.

In case of interested parties such relevant personal data may be, for example
Name, address, contact details (phone, e-mail address)

When products/services/contracts are supplied or finalised, additional personal data of employees, suppliers, customers and business partners may be collected, processed and stored, e.g. bank details, accounting data, tax information/data, permits, identification data (e.g. tax ID, insurance ID, ID card, specimen signature).

In addition, we process personal data, which we have legitimately obtained and are available from publicly accessible sources (e.g. land registers, commercial register / register of associations, press, media, Internet).

3. Purpose of data processing and legal basis

The processing of personal data takes place in accordance with data protection regulations:

3.1. Fulfilment of contractual obligations
We use personal data to execute pre-contractual measures, to provide services and to fulfill contractual obligations including their accounting.

3.2. In the context of the balancing of interests
If necessary, we process data beyond the actual fulfilment of the contract to protect the legitimate interests of CONICA or third parties. Examples:

  • Consultation of and data exchange with information suppliers such as credit agencies to determine creditworthiness and default risks
  • Review and optimization of procedures for needs analysis and direct customer approach
  • Assertion of legal claims and defence in legal disputes
  • Ensuring the IT security and IT operation of our company
  • Prevention of criminal offences
  • measures to secure the domiciliary rights and to safeguard the domiciliary rights (e.g. video surveillance)
  • measures for building and system security (e.g. access controls)
  • Measures for business management and further development of products and services

3.3. Based on your consent
If you have given us your consent to process your personal data for specific purposes, the processing is legal on the basis of this consent.
You can revoke a given consent at any time, whereby the revocation only takes effect for the future.

3.4. Due to legal requirements or in the public interest
In addition, our company is subject to various legal obligations and legal requirements (e.g. labour laws, tax laws, insurance laws), so that the purposes of processing include the fulfilment of (tax) legal control and reporting obligations.

4. Data use and transfer

The data provided by you will only be accessed by those departments that need it to process your request and to fulfil our contractual and legal obligations. The transfer to third parties (possibly also in third countries) only takes place if:

  • this is necessary for the purpose of contract fulfilment (e.g. dispatch / delivery of products)
  • this is necessary for accounting purposes
  • you have permitted to it
  • this is mandatory by legal regulations

Under these conditions, such recipients can be:

  • contract processors employed by us (e.g. in the area of IT services, logistics, payment transactions) who process the data on our behalf in accordance with our instructions.
  • public authorities and institutions (e.g. tax authorities, pension insurance companies)

Furthermore, we do not pass on personal data to third parties nor do we sell data without your permission.

However, we reserve the right to disclose information if we are legally obliged to do so or if we are required to surrender it to lawful authorities or law enforcement bodies.

5. Data storage (how long)

Where necessary, personal data will be processed and stored as long as required for the initiation and fulfilment of contractual and legal obligations.

In addition, as a company we have to fulfill various storage and documentation obligations (e.g. tax law, commercial law) as well as statutory limitation periods.

6. Data protection rights and accessibility of individuals

In accordance with the relevant legal requirements, each individual has the following rights regarding to personal data:

  • Right to information
  • Right to correction
  • Right to cancellation
  • Right to limitation of processing (blocking)
  • Revocation
  • Right of appeal

Individuals can revoke their permission for the processing of personal data at any time. This revocation applies only to the future and not to the past, so that processing that took place before the revocation is not affected.

Any person who wants to exercise this right should in the first instance make a written request to the company’s responsible (e-mail address see above).

Requests are processed in accordance with legal requirements. A deletion cannot take place if we are legally obliged to store the personal data.

7. Obligation to provide data

Within the scope of your enquiry or business relationship with us, you must provide the personal data which is necessary for the establishment and implementation of a business relationship and the fulfilment of the associated contractual obligations or which we are legally obliged to collect.

Without this data, we will usually have to refuse the conclusion of a contract or the execution of an order or we will no longer be able to execute an existing contract and may have to terminate it.

8. Data security

Technical and organizational measures are in place to protect personal data from loss, alteration or external (unauthorized) access. We continuously improve these security measures in line with technological developments.

9. Automatic collection of data (Cookies)

We use cookies on our websites to better understand how the websites are used and to improve their attractiveness, content and functionality as well as to determine user-specific settings.
All functions of the web pages can also be used without cookies, but some user-defined properties and settings are then not available.


Issue date: 01. February 2020 / Rev. 03