Privacy Policy

1.0 Contact

vinylhits
Roland Kostezer
St.-Oswalds-Gasse 18
6300 Zug
Switzerland

E-Mail: info@vinylhits.com
Website: vinylhits.com

If you have any questions about data protection on our website, wish to obtain information, or want to request the deletion of your data, please contact us by sending an email to info@vinylhits.com. You can also send your request by mail to the following address:

vinylhits
Roland Kostezer
St.-Oswalds-Gasse 18
6300 Zug
Switzerland


2.0 Scope and Purpose of the Collection, Processing, and Use of Personal Data

a. When visiting the vinylhits website

When you visit our website, our servers temporarily store every access in a log file. The following data is collected without your intervention:

  • IP address of the requesting computer/device
  • Name of the owner of the IP address range (usually your internet access provider)
  • Operating system of your computer/device
  • Browser type and browser version, if applicable, language settings
  • Browser settings
  • Date and time of access/retrieval
  • Country from which access occurs
  • Name of your internet access provider
  • Website from which access occurs (referrer URL), possibly with the search term used
  • Name and URL of the retrieved file and file size
  • Access status/status code (e.g., error message)

The collection and processing of this data serve to enable the use of our website (establishing a connection), to permanently ensure system security and stability, and to enable the optimization of our internet offering, as well as for internal statistical purposes. This constitutes the basis of our legitimate interests. A personal user profile is not created.

Only in the event of an attack on the network infrastructure of our website or in case of suspicion of other unauthorized or abusive website use will the IP address be evaluated for clarification and defense and, if necessary, used in criminal proceedings for identification and for civil and criminal proceedings against the users concerned.

Furthermore, through geo-localization, it is technically possible to narrow down your location based on the IP address. The IP address is not stored for the purpose of geo-localization beyond the end of the usage process.

b. When subscribing to the newsletter

You have the option to subscribe to our newsletter on our website. With this electronic newsletter, we inform you about new products in our shop.

When you subscribe to the newsletter, we collect the following data from you (mandatory*):

  • Email address*
  • First name*

The email address is required to send you the newsletter digitally. Providing additional data voluntarily allows us to address you more personally and to provide you with more targeted information.

By registering for the newsletter, you give us your consent to process the provided data for the regular dispatch of the newsletter to the email address you have provided.

The newsletter registration uses a so-called double opt-in procedure. This means that after registration, you will receive an email at the email address you provided, in which you must click the activation link to confirm your registration.

You have the option to unsubscribe from the newsletter at any time and to withdraw the consent you have given. To do this, click on the corresponding button (link) in the newsletter sent to you. You will find this link at the end of the newsletter. Alternatively, you can arrange to unsubscribe from the newsletter using the methods described in section 1.0 Contact.

The newsletter is sent via the shipping service provider MailChimp, a newsletter shipping platform from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the data protection policies of the shipping service provider at https://mailchimp.com/legal/pr.... The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield agreement and thus guarantees compliance with European data protection standards. The shipping service provider is used based on our legitimate interests.

The shipping service provider may use the recipient data in pseudonymized form, i.e., without assignment to a user, to optimize or improve its own services, e.g., for the technical optimization of the dispatch and presentation of newsletters or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write to them directly or to pass the data on to third parties.

Our newsletter may contain a so-called web beacon (tracking pixel) or similar technical means. A web beacon is a 1x1 pixel, invisible graphic that is associated with the user ID of the respective newsletter subscriber. For each newsletter sent, there is information about the address file used, the subject, and the number of newsletters sent. In addition, it can be seen which addresses have not yet received the newsletter, to which address the newsletter was sent, and for which addresses the sending failed. Furthermore, the opening rate can be determined, including information on which addresses opened the newsletter and which addresses unsubscribed from the newsletter distribution list. We use this data for statistical purposes and to optimize the newsletter in terms of content and structure. This allows us to better tailor the information and offers in our newsletter to the individual interests of the recipients. The tracking pixel is deleted when you delete the newsletter.

To prevent the use of the web beacon in our newsletter, please configure your mail program to not display HTML in messages, if this is not already the default setting.

c. When using the contact form

To contact us via the contact form, the truthful provision of the following personal data (mandatory*) is required:

  • Name*
  • Email*
  • Message*

This mandatory information is required to process your contact request. The legal basis for processing your personal data when using our contact forms and for contact requests via various channels is our legitimate interest in processing your contact. You can object to this data processing at any time. You can withdraw your consent at any time with effect for the future. See section 1.0 Contact for details.

You can also contact us by email. You are responsible for the communications and content you send to us. We recommend that you do not submit sensitive information. Only personal data that you voluntarily transmit to us will be collected. We will only collect the personal data from you that is necessary to answer your questions or to provide the services you have requested.

What data is stored by Google Analytics?
Google Analytics automatically collects data about your user behavior and your device during your session. In addition to behavior on the subdomain, this also includes the following general data:

  1. Anonymized IP address
  2. Device type
  3. Screen resolution
  4. Browser & version
  5. Geographic location

To achieve this, Google Analytics uses the following cookies:

  1. _ga
  2. _ga_XJR6Q5FN58
  3. _ga_7D6HL7NC4Z

The purpose of these cookies is described at https://policies.google.com/technologies/cookies?hl=en-US.

3.0 Central Storage

We store the data mentioned in the preceding sections in central electronic data processing systems. Your data is systematically collected, linked, and evaluated to process your request and handle contractual services.

a. MOCO

We use MOCO, an application by hundertzehn. Data storage takes place in an authorized data center of METANET AG. hundertzehn commits to complying with the DSG (Swiss Data Protection Act). Further information on how hundertzehn handles personal data can be found at this link: https://www.mocoapp.com/unternehmen/datenschutz.

The personal data mentioned in the preceding sections is migrated to MOCO and stored and processed centrally there. We process the data in MOCO to fulfill your orders and services. We also evaluate the data in MOCO to improve the quality of our services. Furthermore, we use the corresponding data for the other purposes mentioned in this privacy policy. These evaluations can create user profiles about you (e.g., preferred services).

b. asana

We use asana, an application from Asana, Inc., 1550 Bryan Street, Suite 200, San Francisco, CA 94103, USA. The servers for data storage are Amazon's Simple Storage Service (S3). They store attachments and database backup copies. Attachments are all files uploaded directly from a computer/device to asana tasks.

The personal data mentioned in the preceding sections is migrated to asana and stored and processed centrally there. We process the data in asana to fulfill your orders and services. We also evaluate the data in asana to improve the quality of our services. Furthermore, we use the corresponding data for the other purposes mentioned in this privacy policy. These evaluations can create user profiles about you (e.g., effort calculation for services).

c. Calendly

We use Calendly, an application from Calendly LLC, Greater Atlanta Area, East Coast, Southern USA. The Calendly application is hosted on Heroku with AWS (Amazon Web Service) technology. Heroku's physical infrastructure is hosted and managed in Amazon Web Service. Calendly uses all the integrated security, data protection, and redundancy features of the platform.

The personal data mentioned in the preceding sections is migrated to Calendly and stored and processed centrally there. We process the data in Calendly to fulfill your orders and services. We also evaluate the data in Calendly to improve the quality of our services. Furthermore, we use the corresponding data for the other purposes mentioned in this privacy policy. These evaluations can create user profiles about you (e.g., average appointment duration).

d. Cloud Services

We use software services accessible via the internet and running on the providers' servers, so-called cloud services, for the purposes of document storage and management, calendar management, email dispatch, spreadsheets, form creation with corresponding data collection, as well as presentations, exchange of documents, content, and information with specific recipients, as well as chats and participation in audio and video conferences. For this, we use Google Cloud, a product of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Further information on Google Cloud's privacy policy can be found at https://cloud.google.com/privacy/gdpr?hl=de.

In this context, personal data may be processed and stored on the providers' servers, insofar as they are part of communication processes with us or are otherwise processed by us, as set out in this privacy policy. This data may include, in particular, master data (e.g., name, address) and contact data of users (e.g., email, phone number), data on processes, contracts, other procedures, and their content (e.g., text entries, photographs, videos). The providers of the cloud services also process usage data and metadata (e.g., IP addresses), which they use for security purposes and to optimize the service.

If we request consent for the use of cloud services, the legal basis for processing is consent. Furthermore, their use may be part of our (pre-)contractual services, provided that the use of cloud services has been agreed upon in this context. Otherwise, user data will be processed on the basis of our legitimate interests in efficient and secure administrative and collaboration processes.

4.0 Disclosure of data to third parties

We will only pass on your data if you have expressly consented, if we are legally obliged or entitled to do so, or if this is necessary to assert our rights, in particular to enforce claims arising from the contractual relationship.

In addition, we pass on users' personal data to third parties insofar as this is necessary within the scope of using our websites and answering questions, processing inquiries, for the possible provision of services requested by the user, and for analyzing their user behavior. The use of the data passed on for this purpose by third parties is strictly limited to the stated purposes.

Third-party providers are explicitly mentioned in this privacy policy. In addition, we pass on your data in particular to the following recipients:

  • Hosting service provider MTF
    Your personal data collected via the websites may be passed on to our hosting provider. Our hosting provider is MTF Solutions AG, Alte Tiefenaustrasse 6, 3048 Worblaufen.
    Further information on how MTF handles personal data can be found at this link: Datenschutz MTF.
    The data is passed on for the purpose of providing and maintaining the functionalities of our websites.

In addition, personal data may also be transmitted to IT service providers, event partners, subsidiaries, and, if necessary, authorities and courts. The legal provisions for the transfer of personal data to third parties are, of course, complied with. If we use processors to provide our services, we take appropriate legal precautions and corresponding technical and organizational measures to ensure the protection of your personal data in accordance with the relevant legal provisions.

5.0 Cookies

Cookies help in many ways to make your visit to our website easier, more pleasant and more meaningful. Cookies are small text or information files that your web browser automatically stores on your computer's hard drive when you visit our websites. Cookies do not cause any damage to your computer/device and do not contain viruses. Furthermore, we also use cookies for statistical purposes.

For example, we use cookies to temporarily store your entries when filling out a form on the website so that you do not have to repeat the entry when calling up another subpage.

Most internet browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer/device or that a message always appears when you receive a new cookie. You can also activate the automatic deletion of cookies when closing the browser, and you can delete already set cookies at any time via an internet browser or other software programs. On the following pages you will find explanations on how to configure the processing of cookies in the most common browsers:

Disabling cookies may prevent you from using all the functions of our websites.

6.0 Analysis Tools

a. Google Analytics

The vinylhits website uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you have your usual residence in the European Economic Area or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses methods that allow an analysis of the use of the websites, such as cookies (see section 5.0 Cookies). The information generated by the cookie about your use of the website, such as

  • Navigation path a visitor takes on the site,
  • Time spent on the website or subpage,
  • The subpage on which the website is exited,
  • The country, region, or city from which access occurs,
  • End device (type, version, color depth, resolution, width and height of the browser window),
  • returning or new visitor,
  • browser type / version,
  • operating system used,
  • referrer URL (the previously visited page),
  • hostname of the accessing computer (IP address), and
  • time of server request

are transmitted to Google servers, a company of the Alphabet Inc. holding company, in the USA and stored there (see Section 8.0 Note on data transfers to the USA). The IP address is shortened by activating IP anonymization on our websites before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area or Switzerland. The anonymized IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

The information is used to evaluate the use of our websites, to compile reports on the activities on the websites, and to provide other services related to the use of the websites and internet use for the purposes of market research and needs-based website design. This information may also be transferred to third parties if required by law or if third parties process this data on our behalf. According to Google, under no circumstances will the IP address be linked to other user-related data.

Users can prevent the collection of data generated by the cookie and related to the website usage by the respective user to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de. If cookies are deleted according to Section 5.0 Cookies, the link must be clicked again. An opt-out cookie is set which prevents the future collection of your data when visiting our websites. To prevent collection across different devices, you must perform the opt-out on all systems used.

Further information on Google's terms of use and privacy policy can be found at https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/privacy.

b. Google Ads

As part of conversion tracking (visit action evaluation), we use Google Ads, an online advertising program belonging to Google Marketing Services, a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or, if you have your usual residence in the European Economic Area or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you click on an ad served by Google, a cookie for conversion tracking is placed on your computer. These cookies have a limited validity of 30 days, do not contain any personal data, and therefore do not serve for personal identification. If you visit certain pages of our websites and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to this page. Each Google Ads customer receives a different cookie. Thus, there is no possibility that cookies can be tracked across the websites of Google Ads customers.

The information obtained with the help of the conversion cookie serves the purpose of creating conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can personally identify users.

You can deactivate personalized advertising in the ad settings on Google. Instructions for this can be found at https://support.google.com/My-Ad-Center-Help/answer/12155764?hl=de&visit_id=638901459557516328-3396757382&rd=1. Furthermore, you can deactivate the use of cookies by third parties (see Section 7.0 Cookies for more information). Further information and Google's privacy policy can be found at https://policies.google.com/privacy?gl=de.

c. Google Tag Manager

On our websites, we use Google Tag Manager from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or, if you have your usual residence in the European Economic Area or Switzerland, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a solution that allows marketers to manage website tags through an interface. The Tag Manager tool is a cookie-less domain and does not collect any personal data. The tool triggers other tags, which in turn may collect personal data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains effective for all tracking tags implemented with Google Tag Manager. You can prevent the setting of tags at any time (see Section 5.0 Cookies for more information).

7.0 Link to our social media presence

On our website, we have included a link to our social media profiles of the following social network:

  • Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA

If you click on the respective icon of the social network, you will be automatically redirected to our profile on the respective network. To use the functions of the respective network there, you may have to log in to your user account on the respective network.

When you click on a link to a social media profile, a direct connection is established between your browser and the server of the respective social network. This informs the network that you have visited our website with your IP address and clicked on the link. If you click on a link to a network while logged into your account on the respective network, the content of our websites can be linked to your profile on the network, which means that the network can directly assign your visit to our websites to your user account. If you wish to prevent this, you should log out before clicking on the respective links. An assignment will always occur if you log into the respective network after clicking on the link.

8.0 Note on data transfers to the USA

For the sake of completeness, we note that US authorities may take surveillance measures within the framework of US legislation, allowing for the general storage of all data transferred from the European Union or Switzerland to the USA. This occurs without differentiation, restrictions, or exceptions based on the objective pursued and without an objective criterion that would allow limiting the access of US authorities to the data and their subsequent use to very specific, strictly limited purposes that would justify the intrusion associated with both access to and use of this data. Furthermore, we point out that in the USA, there are no legal remedies available to data subjects from Switzerland or the EU that would allow them to obtain access to the data concerning them and to demand its rectification or deletion, or no effective judicial protection against general access rights of US authorities. We explicitly draw the attention of data subjects to this legal and factual situation in order to enable them to make an appropriately informed decision regarding their consent to the use of their data.

Users residing in Switzerland or a Member State of the EU are advised that, from the perspective of the European Union and Switzerland – partly due to the issues mentioned in this section – the USA does not have an adequate level of data protection.

9.0 Right to information, deletion, and correction

You can request information about your personal data stored by us at any time. You are also entitled to request the deletion or correction of your data stored by us at any time. You also have the right to request the data you have provided to us back from us (right to data portability). Upon request, we will also transfer the data to a third party of your choice. You have the right to receive the data in a common file format.

You can do this by sending a corresponding request by e-mail to info@vinylhits.com. A request for the deletion of your customer data must be made by post (a photocopy of your identity card / passport must be enclosed). You can find the contact options under Section 1.0 Contact. For the processing of further requests, we may request proof of identity at our discretion.

10.0 Data Security

We employ appropriate technical and organizational security measures that we deem suitable to protect your data stored by us from manipulation, partial or complete loss, and unauthorized access by third parties. Our security measures are continuously adapted in line with technological developments.

We use technical encryption methods for the transfer of personal data. We also take our internal company data protection very seriously. Our employees and the service providers commissioned by us are obliged to maintain confidentiality and to comply with data protection regulations. Furthermore, they are only granted access to personal data to the extent necessary.

11.0 Use of the Websites by Minors

Our website is aimed at an adult audience. Minors, in particular children under 16, are prohibited from submitting personal data about themselves to us or registering for services without the consent or approval of their parents or guardians. If we discover that such data has been submitted to us, it will be deleted. The parents or legal guardians of the child can contact us and request deletion or deregistration. For this, we require a copy of an official document identifying them as a parent or guardian.

12.0 Data Retention

We store personal data only as long as necessary

  • to use the aforementioned tracking services in the context of our legitimate interest
  • to perform services to the extent mentioned above that you have requested or for which you have given your consent.

 

13.0 Complaint to a Data Protection Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority at any time.

14.0 Changes to the Privacy Policy

We expressly reserve the right to supplement or change this privacy policy at any time. All changes and additions are at the sole discretion of the company.

We don't have something in stock? No problem, we'll find it for you!