Privacy Policy Parvati Massages

In this privacy policy, we, Green Mango GmbH (hereinafter parvati), explain how we collect and otherwise process personal data. This is not a comprehensive description; other privacy policies or general terms and conditions, participation conditions, and similar documents may govern specific matters. Personal data refers to all information relating to an identified or identifiable person.

If you provide us with personal data of other individuals (e.g., family members, colleagues' data), please ensure that these individuals are aware of this privacy policy and only share their personal data with us if you are authorized to do so and if the data is correct.

This privacy policy is designed to meet the requirements of the EU General Data Protection Regulation ("GDPR"), the Swiss Data Protection Act ("DPA"), and the revised Swiss Data Protection Act ("revDPA"). Whether and to what extent these laws are applicable depends on the individual case.

1. Controller / Data Protection Officer / Representative

The controller for the data processing described here is Green Mango GmbH. If you have any data protection concerns, you can contact us at the following address:

Green Mango GmbH
Gubelstrasse 12
6300 Zug
massagen@parvati-massagen.ch
076 463 28 26

2. Collection and Processing of Personal Data

We primarily process the personal data that we receive in the course of our business relationship with our customers and other business partners or that we collect from users when operating our websites, apps, and other applications.

As far as permitted, we also obtain certain data from publicly accessible sources (e.g., debt collection registers, land registries, commercial registers, press, internet) or receive such data from other companies within the parvati group, from authorities, and from other third parties. In addition to the data you provide directly, the categories of personal data we receive from third parties about you particularly include information from public registers, information obtained in connection with official and legal proceedings, information related to your professional roles and activities (so we can, for example, conduct business with your employer with your help), information about you from correspondence and meetings with third parties, creditworthiness information (if we conduct business with you personally), information provided by people close to you (family, advisors, legal representatives, etc.) so we can enter into or perform contracts with you or involving you (e.g., references, delivery addresses, powers of attorney, information to comply with legal requirements such as anti-money laundering and export restrictions, information from banks, insurance companies, sales and other contractual partners regarding services used or provided by you (e.g., payments made, purchases made)), media and internet information about you (if relevant in a specific case, e.g., job applications, press reviews, marketing/sales, etc.), your addresses and possibly interests and other sociodemographic data (for marketing), data related to the use of the website (e.g., IP address, MAC address of your smartphone or computer, device and settings details, cookies, date and time of visit, accessed pages and content, used features, referring website, location data).

3. Purposes of Data Processing and Legal Bases

We primarily use the personal data we collect to enter into and execute our contracts with our customers and business partners, particularly in the context of software development with our clients and the purchase of products and services from our suppliers and subcontractors, and to fulfill our legal obligations domestically and abroad. If you work for such a customer or business partner, your personal data may also be affected in this context.

Furthermore, we process your personal data and that of other individuals, where permitted and deemed appropriate, for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:

• Offering and developing our services, products, websites, apps, and other platforms where we are present;
• Communication with third parties and processing their requests (e.g., applications, media inquiries);
• Reviewing and optimizing procedures for needs analysis to address customers directly and collecting personal data from public sources for customer acquisition;
• Advertising and marketing (including event organization), as long as you have not objected to the use of your data (if you are a customer of ours, you may object to marketing at any time, and we will then place you on a blocklist);
• Market and opinion research, media monitoring;
• Enforcement of legal claims and defense in connection with legal disputes and official proceedings;
• Prevention and investigation of crimes and other misconduct (e.g., internal investigations, data analysis for fraud prevention);
• Ensuring our operations, particularly IT systems, websites, apps, and other platforms;
• Video surveillance to protect premises and other measures for IT, building, and facility security and to protect our employees and other individuals and assets (e.g., access controls, visitor lists, network and email scanners, telephone recordings);
• Purchase and sale of business units, companies, or parts thereof and other corporate transactions, including the transfer of personal data, and measures for business management and compliance with legal and regulatory obligations and internal regulations of parvati.

If you have given us consent to process your personal data for specific purposes (e.g., subscribing to newsletters or conducting a background check), we process your personal data within the scope of and based on this consent, unless we have another legal basis. Consent can be withdrawn at any time, but this does not affect data processing that has already occurred.

4. Cookies / Tracking and Other Technologies Related to Our Website

We typically use "cookies" and similar technologies on our websites and apps that can identify your browser or device. A cookie is a small file sent to your computer or automatically stored on your computer or mobile device by your web browser when you visit our website or install our app. When you revisit the website or use our app, we can recognize you even if we don't know who you are. In addition to session cookies, which are deleted after your visit, we may use persistent cookies that store user settings and other information for a set period (e.g., two years). You can configure your browser to reject cookies, accept them only for a session, or delete them early. Most browsers are preset to accept cookies. We use persistent cookies to save user settings (e.g., language, autologin) and to show you personalized offers and ads (also on third-party websites, though they do not know who you are if we don’t either—they only see a user who also visited our site). Some cookies are set by us, others by our partners. Blocking cookies may result in some features (e.g., language selection, cart, order process) not working.

In our newsletters and other marketing emails, we may include visible and invisible image elements that are retrieved from our servers to determine whether and when you opened the email. This helps us measure and better understand how our offerings are used and tailor them to you. You can block this in your email program; most are preset to do so.

By using our websites, apps, and consenting to newsletters and other marketing emails, you agree to the use of these technologies. If you do not wish this, adjust your browser or email program settings or uninstall the app if it cannot be adjusted otherwise.

We may use Google Analytics or similar services on our websites. This is a service provided by third parties located anywhere in the world (in the case of Google Analytics, it is Google Ireland, based in Ireland, relying on Google LLC in the USA as a processor—together "Google", www.google.com). These services use persistent cookies to measure and evaluate non-personal website use. We configure the service so that visitors' IP addresses are truncated in Europe before being sent to the US and cannot be traced. We have disabled the "data sharing" and "signals" settings. While we believe that the information we share with Google is not personal data, Google may use this data to identify visitors, create personal profiles, and link this data to Google accounts. If you are registered with the service provider, they know who you are. The provider processes your data under their own privacy policy. We only receive usage statistics (not personal data).

We also use social media plug-ins on our websites (e.g., Facebook, X, YouTube, Pinterest, Instagram). These are recognizable (typically via icons). These elements are disabled by default. If you activate them (by clicking), the social network operators can see that you are visiting our site and where, and they may use this information for their purposes. They process your data under their own privacy policy. We do not receive information about you from them.

5. Disclosure of Data and Transfer Abroad

In the context of our business activities and purposes outlined in section 3, we may disclose data to third parties, as permitted and deemed appropriate, either because they process it on our behalf or for their own purposes. This includes the following recipients:

• Our service providers (within the parvati group and external, e.g., banks, insurance providers), including processors (e.g., IT providers);
• Dealers, suppliers, subcontractors, and other business partners;
• Customers;
• Domestic and foreign authorities, agencies, or courts;
• Media;
• The public, including website and social media visitors;
• Competitors, industry organizations, associations, and other bodies;
• Buyers or interested parties of business units, companies, or parts of the parvati group;
• Other parties in possible or actual legal proceedings;
• Other companies in the parvati group;

These recipients may be located in Switzerland or anywhere in the world. Expect your data to be transferred to countries where the parvati group is represented by affiliates, branches, or offices and to countries in Europe and the USA where our service providers (e.g., Microsoft, Amazon) are located. If a recipient is in a country without adequate data protection laws, we contractually require them to comply with applicable data protection standards (using the revised EU standard contractual clauses, available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), unless they are subject to an approved data protection framework or we can rely on an exemption. Exemptions may apply, especially in legal proceedings abroad, in cases of overriding public interest, if contract performance requires disclosure, if you consented, or if the data is publicly available and you did not object.

6. Retention Period

We retain your personal data for as long as necessary to fulfill our contractual and legal obligations or for the processing purposes. This includes the entire business relationship (from initiation to termination) and beyond, in accordance with legal retention and documentation requirements. Data may also be kept for the period during which claims could be asserted against our company or for business interests (e.g., evidence, documentation). When data is no longer needed for the above purposes, it is deleted or anonymized where possible. Operational data (e.g., system logs) typically has shorter retention periods, generally twelve months or less.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as issuing policies, training, IT and network security solutions, data encryption, pseudonymization, and controls.

8. Obligation to Provide Personal Data

In the context of our business relationship, you must provide the personal data necessary to initiate and carry out the business relationship and fulfill the associated contractual obligations. (There is usually no legal obligation to provide us with data.) Without this data, we typically cannot enter into or execute a contract with you (or the entity/person you represent). The website also cannot be used if certain information (e.g., IP address) is not disclosed to ensure data transmission.

9. Profiling and Automated Decision-Making

We partially process your personal data automatically to evaluate specific personal aspects (profiling). We use profiling in particular to inform and advise you about products. We use analysis tools to enable targeted communication, advertising, and market/opinion research.

10. Rights of the Data Subject

You have rights under the applicable data protection law, including the right to access, rectify, erase, restrict processing, object to our processing (especially for direct marketing and profiling for direct marketing), and request data portability. However, we reserve the right to enforce the legal restrictions (e.g., where we must retain data or have a legitimate interest). We will inform you of any costs in advance. We have already informed you about your right to revoke consent in section 3. Please note that exercising these rights may conflict with contractual agreements and could result in consequences such as early termination or costs. We will inform you beforehand, unless otherwise agreed in the contract.

To exercise your rights, you must generally prove your identity (e.g., with a copy of your ID). Contact us at the address in section 1. You also have the right to enforce your claims in court or lodge a complaint with the competent data protection authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

11. Changes

We may amend this privacy policy at any time without notice. The current version published on our website applies. If the privacy policy is part of an agreement with you, we will notify you of updates via email or other appropriate means.

Source: dsat.ch