Data Protection

Privacy Policy

1. What does this Privacy Policy deal with?

Swisscom (Switzerland) Ltd ("Swisscom", “we” or “us”) processes your personal data in various ways and for various purposes. “Personal data” means any information concerning an identifiable person, and “processing” means any handling of it, e.g. its acquisition, use and disclosure. 

This Privacy Policy explains how we process such data (hereinafter referred to as Personal Data or Data) if 

  • you visit our website www.079.ch, 
  • you purchase our products in the webshop,
  • you contact us, 
  • you take part in one of our competitions,
  • you subscribe to our newsletter,
  • you have any dealings with us in relation to all other data processing in connection with our content. 

Please take the time to read this Privacy Policy to find out how and why we process your personal data, how we protect your personal data and what rights you have in this regard. 

 

2. Who is responsible for the processing of your data?

The following company is the “controller”, i.e. the body primarily responsible under data protection law for data processing in accordance with this Privacy Policy:

Swisscom (Switzerland) Ltd
Alte Tiefenaustrasse 6
3050 Bern

Switzerland

If you are in contact with another Group company, e.g. because you receive a service from that company or because you have direct contact with that company, the company in question is the controller.

If you have any questions regarding data protection, please do not hesitate to contact Swisscom’s Data Protection Officer or Data Protection Advisor: 

  • By email: datenschutz@swisscom.com 
  • By post: Swisscom (Switzerland) Ltd, Data Protection Officer Swisscom Ltd and Swisscom (Switzerland) Ltd, P.O. Box, 3050 Bern 

 

3. What personal data do we process? 

Depending on the occasion and purpose, we process various categories of personal data. The most important categories are listed below, although this list may not be exhaustive. 

3.1 Contract and master data

Contract and master data are the basic data that we require for the management of our business relationships or for marketing and advertising purposes, which relate directly to you and your characteristics and which are collected in connection with the conclusion or performance of the contract. We process e.g. the following master data:

  • Personal details, such as date of birth, gender, nationality, language
  • Contact and identification data such as title, surname and first name, address, email address, telephone number, customer number
  • Login data such as username and password
  • Contractual data, such as e.g. date, application process, terms of the relevant contract, delivery address, as well as information concerning payments and payment terms, invoices, contacts with customer service, objections, defects, returns, information concerning customer satisfaction, complaints, feedback, etc.

3.2 Communication data 

Communication data is data relating to our communication with you, e.g. if you contact us using the contact form or other means of communication. Examples of communication data are:

  • Name and contact details and content of correspondence
  • Information concerning the type, time and where applicable the location of the communication and other metadata relating to the communication
  • Responding to customer and satisfaction surveys

3.3 Technical data and location data

Technical data are generated in connection with the use of our website. These include, e.g., the following data:

  • Standard technical parameters (e.g. smartphone device number IMEI, MAC address, host name) regarding your personal devices (e.g. smartphones or PC)
  • Information relating to your device, your device’s operating system or language settings
  • Date and time of access to the website and your approximate location
  • Information concerning your browser type and settings, view formats, bandwidths used, connection type, speed and quality
  • Information relating to your address such as e.g. your IP address

3.4 Behavioural and preference data

In order to tailor our content and services to you in the best possible way, we try to get to know you and better align our services with your needs. For this purpose, we collect and use data relating to behaviour on our website. Such data may also be collected on the basis of technical data. We may also use your other interactions with us as behavioural data and also cross-reference such data with other data (e.g. with anonymous information from statistical bodies) and evaluate these data on a personal and non-personal basis. Preference data then provides us with information relating to your likely needs as well as the services that could be of interest to you. 

 

4. For what purposes do we process your personal data?

We use the personal data collected by us primarily to process your order in our webshop. If you have subscribed to our newsletter, we will also use your email address in order to send it. In addition, we also process your personal data, to the extent permitted and deemed appropriate by us, for other purposes in which we (and under certain circumstances third parties) have a legitimate interest commensurate with the purpose:

  • Communication purposes, i.e. to establish and maintain contact with you. This includes responding to enquiries and contacting you in the event of any queries, for example by email. For this purpose, we process your communication and master data in particular.
  • Customer care and marketing purposes, in order to provide you with targeted information about offers in line with your personal interests and preferences, e.g. through the newsletter. For this purpose, we process technical data, master and communication data, as well as behavioural data. 
  • We also process data to improve our services and for product development purposes.
  • Ensuring IT security and for preventive purposes: We process personal data to monitor the performance of our business, including in particular IT systems, our website, applications and other platforms, for security purposes, to guarantee IT security, to prevent theft, fraud and misuse and for evidentiary purposes. This includes, for example, the evaluation of system logs relating to usage of our systems (log data), the prevention of, defence against and investigation of cyberattacks and malware attacks, analyses and tests of our networks and IT infrastructure, as well as system and error checks.
  • Enforcing rights: We also process personal data under certain circumstances in order to enforce claims in court, in advance of court action or out of court and before authorities in Switzerland and abroad, or to defend ourselves against claims. Master and communication data may be processed for this purpose.
  • Complying with legal requirements: This includes e.g. the processing of complaints and other reports, compliance with court or administrative orders, measures to detect and investigate misuse and in general any action that we are obliged to carry out in accordance with the applicable law or under the terms of self-regulatory or industry standards. In particular, we may process your master, contract and communication data for this purpose.
  • Administration and support: In order to design our internal processes efficiently, we process data where necessary in relation to IT management, accounting or data archiving. In particular, communication and behavioural data and technical data may be used for this purpose.

 

5. Do we use cookies on our website?

Cookies are small files that your browser automatically stores on your device when you visit our website. Cookies contain a unique identification number (an ID) that allows us to distinguish among individual visitors. We use the following types of cookies:

  • Strictly necessary cookies: Strictly necessary cookies are required for the functionality of the website. 
  • Statistics and analysis: With this setting, you allow us to determine the number of visitors to our websites and to analyse how visitors use our website. You also help us to ensure that the website runs stably, reliably and quickly, and can be constantly optimised.
  • Personalisation of our website and our content: With this setting, you allow us to optimise and personalise your website visit for you, e.g. by saving your language selection. In addition, it is possible for us to log your user behaviour on our website and to obtain information about your preferences from these data. 
  • Swisscom advertising with third parties: With this setting, you allow us to use services of third-party providers, such as Google or Facebook, in order to show you Swisscom advertising and content on their websites. For this purpose, we transmit data concerning your user behaviour on our websites to the providers. We also measure how well our advertising works on the websites of the third-party providers.
  • Visitor identification: If you allow this, we will be able to recognise you as a customer of Swisscom based on your IP address, even if you are not logged in to our Customer Centre.

If we use cookies, our aim is to distinguish between any access by you (via your system) and those of other users in order to ensure the functionality of the website and to perform statistical analyses. The purpose of the cookies used by us is to ensure system security and stability and to enable various functions of our website. Cookies also help, for example, to store your country and language default settings across different pages during an internet session. With your consent, we can also record and analyse user behaviour on our website. This enables us to make our website more user-friendly and effective and to make your visit to the website as pleasant as possible. In addition, we may display information to you on the website that is specifically tailored to your interests. 

With your consent, we also use cookies to optimise our advertising. Cookies allow us to present you with advertising and/or special products to you that may be of particular interest to you based on your use of our website. Our goal is to make our website as attractive as possible for you and to only show you advertising that corresponds to your presumed areas of interest. 

5.1 How can the use of cookies cookies be deactivated?

You can change your cookie settings at any time here. If you decide not to accept our cookies or the cookies and tools of our partner companies, you will not see certain information on our website and will not be able to use certain features intended to improve your visit.

5.2 Cookies of partners and third parties on our website

The cookies used by us may in each case originate from us, from other companies of the Swisscom Group or from independent third-party companies. Third-party providers and their servers may also be located outside Switzerland and the European Economic Area (EEA), provided that the protection of your personal data is adequately ensured.

The following are examples of two of the most important cookies and tracking tools that we use. Other third-party providers generally process personal and other data in a similar manner.

  • Google Analytics, an analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA, USA) and Google Ireland Ltd. (Google Building Gordon House, Barrow St, Dublin 4, Ireland; both referred to jointly as "Google", whereby Google Ireland Ltd is responsible for the processing of personal data). Google uses cookies to collect certain information concerning the behaviour of individual users on or in the relevant website and the end device used for this purpose (tablet, PC, smartphone, etc.). Information concerning data protection at Google Analytics can be found here.
  • Meta-Pixel, an analysis tool from Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). This allows us to manage adverts with Meta and Meta's partners so that they are only displayed to users who are likely to be interested in the adverts. We may also measure the effectiveness of such adverts for statistical and market research purposes. We are jointly responsible with Meta for sharing the information Meta receives as a result, for displaying personalised adverts, for improving advert delivery, and for personalising content. The data are stored on servers in the EU/EEA and the USA. You can find more information about data protection at Meta and the respective settings options here.

 

6. Does any profiling take place?

We may process and evaluate your data automatically in accordance with Section 3 above. This also includes "profiling", i.e. the automated evaluation of data for analysis and forecasting purposes, to determine preference data, but also to identify risks of misuse and security risks. The most important examples are profiling for the purpose of combating money laundering and terrorist financing, fraud prevention, credit checks and risk management, as well as for customer care and marketing purposes.

 

7. How do we process data in connection with social media?

On our website, we offer you the option of using a “social media plugin” from Facebook, Instagram, LinkedIn etc. in order to integrate functions of these providers into our websites. These plugins are disabled by default. As soon as you click on them, the respective providers are able to determine that you are on our website. If you have a corresponding account with the social media provider, they can assign this information to you and thus track your use of online content. In view of their status as joint controllers, you can submit requests for information and other data subject enquiries directly to the provider concerned.

If you communicate with us via social media and our social media profiles (e.g. on Facebook, Instagram, etc.) or comment on or share content, we collect information concerning this, which we use primarily for communication with you, for marketing purposes and for statistical evaluations. The platform provider may also itself collect and use data (e.g. concerning user behaviour) when our social media pages are visited. You can find further information concerning data processing by the providers of social networks in the privacy policies of the respective social networks.

 

8. To whom do we disclose your personal data?

We also disclose your personal data to other recipients within the ambit of our processing. We may also disclose your personal data to other Swisscom Group companies. Any disclosure may serve the purposes of intra-group administration and its own processing purposes, e.g. for the personalisation of marketing activities or the development and improvement of services. We also disclose to service providers the personal data required for their services. This applies in particular to payment service providers and IT service providers (e.g. Shopify and Google Workplaces – you can find the Shopify Privacy Policy here and the Google Workplaces Privacy Policy here). Where service providers process personal data as outsourced data processors, they are obliged to process personal data exclusively in accordance with our instructions and to take action to ensure data security. 

Data may also be disclosed to other recipients, e.g. to courts and authorities in the context of proceedings and under the terms of statutory disclosure and cooperation obligations. In individual cases, we may also disclose personal data to other third parties for their own purposes, e.g. if you have given us your consent or if we are legally obliged or entitled to disclose such data. 

 

9. Do we disclose personal data abroad?

Recipients of data are located not only in Switzerland. This is the case in particular for certain service providers. They may also be located outside the European Economic Area (EEA) and Switzerland (in particular in the USA and Ireland), but also in other countries around the world. We may, for example, transmit data to authorities and other persons abroad if we are legally obliged to do so or, e.g., in the context of a company sale or court action. Not all of these countries currently guarantee a level of data protection corresponding to Swiss law. In such cases, we conclude contracts (in particular the standard contractual clauses issued by the European Commission, which have been recognised by the Federal Data Protection and Information Commissioner (FDPIC)) to compensate for the lower level of data protection.

 

10. How long do we process personal data?

We store and process your personal data for as long as it is necessary for the purpose of processing (in relation to contracts, generally for the duration of the contractual relationship), for as long as we have a legitimate interest in storage (e.g. for the enforcement of legal claims, for archival purposes and/or to ensure IT security) and for as long as data are subject to a statutory retention obligation (e.g. a ten-year retention period applies to certain data). Unless required otherwise under law or contract, we will erase or anonymise your data after expiry of the storage or processing period as part of our usual procedures.

We generally retain contractual data for 10 years from the last contractual activity, or if later from the expiry of the contract. This period may be longer if necessary due to evidentiary reasons or in order to comply with legal or contractual requirements, or if this is technically necessary.

 

11. What rights do you have?

Under applicable data protection law, you have certain rights so that you can obtain further information relating to data processing by us and exert an influence on it. These include, in particular, the following rights: 

  • Right to information: You can obtain further information concerning data processing by us. Please do not hesitate to contact us in order to do so. You can also submit an access request for information if you wish to receive further information and/or a copy of your data.
  • Transmission: You can receive the personal data that you have provided to us in a structured, commonly used and machine-readable format or have them transmitted to a third party, where the corresponding data processing is based on your consent or is necessary for the performance of a contract.
  • Objection and erasure: You may object to data processing by us and also request that we erase your personal data at any time unless we are obliged to continue processing or storing these data, or unless they are necessary for the performance of the contract. 
  • Rectification: You may have incorrect or incomplete personal data rectified or completed or have the data supplemented by a note marking the objection.
  • Withdrawal of consent: If we process data based on your consent, you can withdraw your consent at any time. Such withdrawal of consent is only valid with future effect and we reserve the right to continue to process data on a different basis in the event that consent is withdrawn. 

The aforementioned rights may be subject to statutory requirements and restrictions and are therefore not fully available in all cases. In particular, we may need to further process and store your personal data for the performance of a contract with you, to safeguard our own legitimate interests, such as the exercise or defence of legal claims, or to comply with legal obligations. Where permitted by law, in particular to protect the rights and freedoms of other data subjects and to safeguard legitimate interests, we may therefore reject a request received from a data subject either entirely or in part. 

You also have the right to lodge a complaint concerning our processing of your data with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).


Bern, November 2023