LEGAL
Grey Rebel Yoga, Rathausgasse 55, 3011 Bern is responsible for data collection and processing.
This privacy policy describes how we collect and process personal data in the context of our business relationships with clients and our website.
When processing data, we comply with the provisions of the Swiss Federal Act on Data Protection (FADP) and, where applicable, the European General Data Protection Regulation (GDPR).
​
Disclaimer of liability
Grey Rebel Yoga assumes no liability whatsoever with regard to the correctness, accuracy, up-to-dateness, reliability and completeness of the information contained on www.grey-rebel.com and its subpages. Liability claims against Grey Rebel Yoga for damages of a material or immaterial nature arising from access to or use or non-use of the published information, misuse of the connection or technical faults are excluded. All information is non-binding. Grey Rebel Yoga expressly reserves the right to change, supplement or delete parts of the pages or the entire offer without prior notice or to cease publication temporarily or permanently.
References and links to third-party websites lie outside our area of responsibility. Any responsibility for such websites is rejected. Access to and use of such websites is at your own risk.
​
Collection of personal data
Personal data is any information relating to an identified or identifiable natural person.
We primarily process personal data that we receive from our customers and business partners as part of our business relationship with them on the basis of a contractual relationship or in correspondence (electronically, by telephone or by post) or that we collect when operating our website or other applications.
We primarily collect your data from you. Where permitted, we may also obtain personal data from publicly accessible sources (e.g. media, Internet) and from public registers (e.g. commercial register, debt collection register, land register). Due to our activities, however, data may also be made available to us by third parties, in particular by your employees, agents or other auxiliary persons and authorities, etc. We may also receive information about you in the course of correspondence and meetings with third parties and from people in your environment (e.g. address details, recommendations, powers of attorney, information on compliance with legal requirements, information from banks, insurance companies and business partners so that we can conclude or process contracts with you).
​
The scope of the data stored and/or processed by us depends on the existence and nature of the contractual relationship or our business relationship with you. As a rule, this is your name, address, date of birth, home address, marital status, e-mail address, homepage, telephone numbers and your professional activity.
​
Our data processing is justified by your consent, the performance of a contract or pre-contractual measures, the fulfillment of legal requirements, our interests and other relevant legal bases.
Particularly sensitive personal data/personal profiles
We do not collect any particularly sensitive personal data via the website (e.g. salary data, privacy data, data on personal religious or ideological views, health data, etc.) and do not create any personality profiles based on the data collected when you visit our website.
However, in the context of a client relationship, it can be assumed that we will receive or collect particularly sensitive personal data from you, insofar as this is appropriate in connection with the mandate. This client relationship is subject to professional secrecy. We attach great importance to protecting your sensitive personal data.
We may create personality profiles with the data collected in the context of the client relationship or the business relationship in order to be able to provide you with targeted information and advice on certain services or products from us. To this end, we use evaluation tools that enable us to communicate in line with your needs and take appropriate advertising measures.
​
Visiting our website
When you visit www.grey-rebel.com and its subpages, the browser on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:
-
IP address of the requesting computer,
-
Name and URL of the retrieved file,
-
Date and time of access,
-
Website from which the access was made (referrer URL),
-
Browser used and, if applicable, the operating system of your computer and the name of your access provider.
This data is used to ensure a fast connection setup, user-friendly use of our website, to evaluate system security and stability and for other administrative purposes. This data processing is justified by an overriding interest based on the above-mentioned purposes. The data collected will not be used for the purpose of drawing conclusions about your person.
​
Purpose and legal basis of data processing
We only process your data in the cases provided for by law, primarily in the context of an existing or potential client relationship. Furthermore, your data may also be used to clarify a possible conflict of interest.
The legal basis for data processing may be your consent, the performance of a contract or pre-contractual measures, compliance with statutory provisions, overriding interests of us or third parties and other relevant legal bases.
​
If you have given us your consent to process your personal data for specific purposes, we will restrict the collection and processing of your data based on this consent, unless there is another legal basis for data collection and processing. Consent that has been granted can be revoked at any time, but this has no effect on data processing that has already taken place.
Communications
We reserve the right to send you communications containing important legal information and invitations to events electronically or by post.
​
Transmission of personal data
You can contact us by e-mail. Your e-mail address, the date, the content of your e-mail and the subject as well as the contact details you provide will be stored by us for the purpose of processing the request and in the event of follow-up questions, as long as this is necessary to process your request or we are required to do so by law.
​
The use of e-mails is not technically secure; it may also happen that e-mails are not delivered. When e-mails are transmitted, the data they contain may leave national borders, even if the sender and recipient are in Switzerland. The confidentiality of e-mails cannot be guaranteed if they are not encrypted or are insufficiently encrypted. Unencrypted e-mails are therefore not suitable for sending confidential information.
By sending an e-mail, you consent to communication via e-mail in full knowledge of the risks described.
Disclosure to third parties
As part of the provision of our services and the provision of our website, we may need to use the services of third parties. In this context, we may commission third parties to process your personal data. We may also be obliged to disclose your data to authorities or other third parties.
Your data will only be passed on to third parties with your express consent, if there is a legal obligation to do so, if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship, if this is necessary to fulfill the contract or carry out pre-contractual measures (e.g. Swiss Post or other courier services, telecommunications service providers, authorities in the context of debt collection measures, etc.), if we have a legitimate interest in doing so and your interests to the contrary do not outweigh this and if other legal permission exists, but only to the extent and for as long as
-
a) the third parties themselves are subject to legal confidentiality (e.g. postal and telecommunications secrecy; official secrecy), or
-
b) the third parties have been contractually obliged by us to maintain confidentiality, or
-
c) we have been released from professional secrecy for a specific matter that is subject to professional secrecy.
​
Under certain circumstances, your personal data may also be transferred to companies abroad as part of order processing. These companies are obliged to protect data to the same extent as we are. If the level of data protection in the country in which the data is transferred does not correspond to that of Switzerland or the European Union, we will contractually ensure that the same level of protection is guaranteed as in Switzerland or the European Union. This can be done through standard data protection clauses of the European Commission or a supervisory authority or approved and authorized codes of conduct together with binding and enforceable obligations of the recipient or approved certification mechanisms together with binding and enforceable obligations of the recipient.
If data is transferred to a company in the USA, we ensure that this company is certified in accordance with the Swiss or EU-US Privacy Shield Agreement, thereby ensuring that the level of data protection in Switzerland or the EU is complied with. If there is no certification, we obtain the necessary guarantees by contract.
​
Retention period
We only store your personal data for as long as is necessary to fulfill the individual purposes for which the data was collected and as permitted by applicable law. In any case, we store your personal data for as long as statutory retention obligations exist or limitation periods for potential legal claims have not yet expired.
Data security
We take appropriate technical and organizational security precautions to protect your personal data against manipulation, loss, destruction or unauthorized access by third parties. This includes internal directives, training and appropriate IT and network security solutions, access controls and restrictions, etc.
​
For data transmission on our website, we use the SSL procedure (Secure Socket Layer; "https"), which you can recognize by the closed lock on the left-hand side of the input field of your browser.
​
Right to information and rectification
You have the right to request information about your personal data processed by us at any time and free of charge. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients of your data, the planned storage period, etc. You also have the right to have incorrect data corrected.
You can contact us at any time at info@grey-rebel.ch.
Right of revocation, objection and deletion
You can withdraw your consent to data processing at any time and request the deletion of your personal data.
You may also be able to restrict or object to the processing of your personal data. Under certain circumstances, you also have the right to request that we return the data that you have provided to us (right to data portability).
​
Please note, however, that we are obliged under legal, commercial and tax law to retain accounting documents for at least 10 financial years or longer. We can therefore neither delete nor process the personal data contained in these documents. Your request for erasure therefore only applies to this extent for future processing.
If services are still outstanding at the time of receipt of your objection, revocation and request for deletion, your personal data will continue to be processed until the business relationship has ended completely. Your revocation under data protection law expressly has no influence on the processing of existing contractual relationships and is not considered an extraordinary reason for termination.
Amendments to this privacy policy
We reserve the right to adapt this privacy policy to current circumstances if necessary.
