Privacy Declaration

PRIVACY POLICY

Protecting personal data is a special concern for Rhythm & Denim.

With this privacy policy, we inform about the personal data we process in connection with our activities and operations, including our website. We particularly inform about the purposes, methods, and locations of processing personal data. We also provide information about the rights of individuals whose data we process.

For specific or additional activities and operations, additional privacy policies, as well as other legal documents such as Terms and Conditions (T&C), Terms of Use, or Participation Terms may apply.

We are subject to Swiss data protection law.

1. Contact

Responsible for processing personal data:

Rhythm & Denim Überlandstrasse 22 8953 Dietikon

Email: info@rhytmdenim.com

We will inform if there are other responsible parties for processing personal data in specific cases.

1. Terms and Legal Bases

2.1 Terms

Personal data includes all information that relates to a specific or identifiable natural person. A data subject is a person about whom we process personal data.

Processing includes any handling of personal data, regardless of the means and methods applied, such as querying, matching, adjusting, archiving, storing, extracting, disclosing, acquiring, recording, collecting, deleting, disclosing, organizing, storing, changing, distributing, linking, destroying, and using personal data.

The European Economic Area (EEA) includes the member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland, and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data.

2.2 Legal Bases

We process personal data in accordance with Swiss data protection law, especially the Federal Data Protection Act (Datenschutzgesetz, DSG) and the Data Protection Ordinance (Datenschutzverordnung, DSV).

1. Type, Scope, and Purpose

We process the personal data necessary to perform our activities and operations permanently, user-friendly, securely, and reliably. Such personal data may fall into categories like inventory and contact data, browser and device data, content data, meta or marginal data, and usage data, location data, sales data, as well as contract and payment data.

We process personal data for the duration necessary for the respective purpose or purposes or as required by law. Personal data that is no longer required will be anonymized or deleted.

We may engage third parties to process personal data. We may process or transmit personal data jointly with third parties. Such third parties are particularly specialized providers whose services we use. We also ensure data protection when using such third parties.

We process personal data only with the consent of the data subject, unless processing is permitted for other legal reasons. Processing without consent may be permissible, for example, to fulfill a contract with the data subject, for corresponding pre-contractual measures, to safeguard our overriding legitimate interests, because processing is apparent from the circumstances, or after prior information.

In this context, we process information that a data subject voluntarily transmits to us when contacting us - for example, by postal mail, email, instant messaging, contact form, social media, or telephone - or when registering for a user account. We may store such information in an address book, in a Customer Relationship Management (CRM) system, or similar tools. When we receive data about other persons, the transmitting persons are obliged to ensure data protection for these persons and ensure the accuracy of this personal data.

We also process personal data that we receive from third parties, obtain from publicly available sources, or collect during the exercise of our activities and operations, provided that and to the extent such processing is legally permissible.

1. Applications

We process personal data about job applicants to the extent necessary for assessing suitability for an employment relationship or for the subsequent execution of an employment contract. The necessary personal data can be found, in particular, in the information requested, for example, in a job advertisement. We also process personal data that applicants voluntarily provide or publish, especially as part of cover letters, resumes, and other application documents, as well as online profiles.

1. Personal Data Abroad

We generally process personal data in Switzerland and the European Economic Area (EEA). However, personal data may also be exported or transmitted to other states, especially to process or have it processed there.

We may export personal data to all countries and territories on earth, provided that the law there ensures adequate data protection according to a decision of the Swiss Federal Council.

We may transfer personal data to states whose law does not ensure adequate data protection, provided that data protection is ensured for other reasons, especially based on standard data protection clauses or other suitable guarantees. Exceptionally, we may export personal data to states without adequate or suitable data protection if the special data protection requirements are met, such as the explicit consent of the data subjects or a direct connection with the conclusion or execution of a contract. Upon request, we will gladly provide information to data subjects about any guarantees or provide a copy of any guarantees.

1. Rights of Data Subjects

6.1 Data Protection Claims

We grant data subjects all rights under applicable data protection law. Data subjects have, in particular, the following rights:

Information: Data subjects can request information about whether we process personal data about them and, if so, what personal data it is. Data subjects also receive the information necessary to assert their data protection rights and ensure transparency. This includes the processed personal data as such, but also information about the processing purpose, the storage duration, any disclosure or transfer of data to other countries, and the origin of the personal data.

Correction and Restriction: Data subjects can have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.

Deletion and Objection: Data subjects can request the deletion of personal data ("right to be forgotten") and object to the processing of their data for the future. Data Disclosure and Data Transfer: Data subjects can request the disclosure of personal data or the transfer of their data to another responsible party.

We may postpone, restrict, or refuse the exercise of the rights of data subjects within the legally permissible framework. We may inform data subjects of any requirements to exercise their data protection rights. For example, we may refuse to provide information with reference to business secrets or the protection of other persons, in whole or in part. We may also refuse to delete personal data with reference to legal retention obligations, in whole or in part.

We may provide for costs in exceptional cases for the exercise of rights. We will inform data subjects in advance of any potential costs.

We are obligated to identify data subjects who request information or exercise other rights with appropriate measures. Data subjects are required to cooperate.

6.2 Right to Complain

Data subjects have the right to enforce their data protection claims in court or to lodge a complaint with a competent data protection supervisory authority.

The data protection supervisory authority for private responsible parties and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

1. Data Security

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. However, we cannot guarantee absolute data security.

Access to our website is via transport encryption (SSL/TLS, especially with Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

Our digital communication, like any digital communication, is subject to mass surveillance without cause and suspicion and other surveillance by security authorities in Switzerland, the rest of Europe, the United States of America (USA), and other countries. We cannot directly influence the processing of personal data by intelligence services, police, and other security authorities.

1. Use of the Website

8.1 Cookies

We may use cookies. Cookies - both own cookies (first-party cookies) and cookies from third parties whose services we use (third-party cookies) - are data stored in the browser. Such stored data does not necessarily have to be limited to traditional cookies in text form.

Cookies can be stored in the browser temporarily as "session cookies" or for a specific period as so-called persistent cookies. "Session cookies" are automatically deleted when the browser is closed. Persistent cookies have a specific storage period. Cookies, in particular, allow a browser to be recognized on the next visit to our website and, for example, measure the reach of our website. However, without cookies, our website may not be fully available. We request - at least if and to the extent necessary - explicit consent to the use of cookies.

8.2 Server Log Files

For each access to our website, we may record the following information if it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website called including the transmitted data volume, last website called in the same browser window (referer or referrer).

We store such information, which may also constitute personal data, in server log files. The information is necessary to provide our website permanently, user-friendly, and reliably and to ensure data security, especially the protection of personal data - also by third parties or with the help of third parties.

8.3 Tracking Pixels

We may use tracking pixels on our website. Tracking pixels are also called web beacons. Tracking pixels - also from third parties whose services we use - are small, usually invisible images that are automatically retrieved when visiting our website. Tracking pixels can capture the same information as in server log files.

1. Notifications and Messages

We send notifications and messages by email and other communication channels such as instant messaging or SMS.

9.1 Success and Reach Measurement

Notifications and messages may contain web links or tracking pixels that record whether an individual message has been opened and which web links were clicked. Such web links and tracking pixels can also capture the personal use of notifications and messages. We need this statistical recording of usage for success and reach measurement to send notifications and messages effectively, user-friendly, and permanently, securely, and reliably based on the needs and reading habits of recipients.

9.2 Consent and Objection

In principle, you must expressly consent to the use of your email address and other contact addresses, unless the use is permissible for other legal reasons. For any such consent, we use the "double opt-in" procedure if possible, meaning you receive an email with a web link that you must click to confirm, so that misuse by unauthorized third parties can be prevented. We may log such consents, including Internet Protocol (IP) address, date, and time, for evidence and security reasons.

You can generally object to receiving notifications and messages such as newsletters at any time. With such an objection, you can also object to the statistical recording of usage for success and reach measurement. Necessary notifications and messages in connection with our activities and operations remain reserved.

9.3 Service Providers for Notifications and Messages

We send notifications and messages with the help of specialized service providers.

1. Social Media

We are present on social media platforms and other online platforms to communicate with interested individuals and to inform about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland and the European Economic Area (EEA).

The General Terms and Conditions (GTC) and terms of use as well as privacy policies and other provisions of the respective operators of such platforms also apply. These provisions inform, in particular, about the rights of data subjects directly against the respective platform, including the right to information.

1. Third-Party Services

We use services from specialized third parties to perform our activities and operations permanently, user-friendly, securely, and reliably. With such services, we can embed functions and content into our website. In the context of such embedding, the services used must, for technical reasons, at least temporarily record the Internet Protocol (IP) addresses of users.

For necessary security-related, statistical, and technical purposes, third parties whose services we use may process data in connection with our activities and operations aggregated, anonymized, or pseudonymized. This includes performance or usage data, for example, to be able to offer the respective service.

We use, in particular:

Google Services: Providers: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; General Privacy Information: "Privacy Policy."

11.1 Digital Infrastructure

We use services from specialized third parties to be able to use the required digital infrastructure in connection with our activities and operations. This includes, for example, hosting and storage services from selected providers.

We use, in particular:

WILDSPACE: Hosting; Provider: SKALM GmbH (Switzerland); Privacy Information: "Privacy Policy."

11.2 Contact Options

We use services from selected providers to better communicate with third parties such as potential and existing customers.

11.3 Audio and Video Conferences

We use specialized services for audio and video conferences to be able to communicate online. We can use it, for example, to hold virtual meetings or conduct online teaching and webinars. For participation in audio and video conferences, the legal texts of the individual services such as privacy policies and terms of use also apply.

We recommend, depending on the life situation, muting the microphone by default and blurring the background or displaying a virtual background during participation in audio or video conferences.

We use, in particular:

Teams: Video conferences; Provider: Microsoft. (USA); Privacy Information: "Privacy Policy." Teamviewer: Video conferences; Provider: TeamViewer (DE); Privacy Information: "Privacy Policy." Zoom: Video conferences; Provider: Zoom Video Communications Inc. (USA); Privacy Information: "Privacy Policy."

1. Final Provisions

We may adjust and supplement this privacy policy at any time. We will inform about such adjustments and supplements in an appropriate form, especially by publishing the current privacy policy on our website.