Data protection declaration
The responsible body in terms of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Claudia Jäggi Textile Art
E-mail: cj@claudiajaeggi. art
WebSite: https://claudiajaeggi. art/
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DSG), every person has the right to protection of their privacy and to protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorised access, loss, misuse or deletion.
We would like to point out that the transmission of data on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
By using this website, you consent to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. Data such as pages accessed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to your person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible. No data will be passed on to third parties without your consent.
Processing of personal data
Personal data is any information that relates to an identified or identifiable person. A data subject is a person about whom personal data are processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.
We process personal data in accordance with Swiss data protection law. Furthermore, we process personal data in accordance with the following legal bases in connection with Art. 6 para. 1 DSGVO – insofar as and to the extent that the EU-DSGVO is applicable:
- Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO) – The data subject has given his/her consent to the processing of personal data concerning him/her for a specific purpose or purposes.
- Contractual performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR) – The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject’s request.
- Legal obligation (Art. 6 para. 1 p. 1 lit. c. DSGVO) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
- Protection of vital interests (Art. 6 para. 1 p. 1 lit. d. DSGVO) – Processing is necessary to protect the vital interests of the data subject or of another natural person.
- Regular Interests (Art. 6 para. 1 p. 1 lit. f. The processing is necessary for the purposes of the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
- Application procedure as a pre-contractual or contractual procedure. contractual relationship (Art. 9(2)(b) GDPR) – Insofar as special categories of personal data within the meaning of Art. 9(1) GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants in the context of the application procedure, so that the controller or the data subject can fulfil the obligations imposed on him or her by employment law and the law of the country in which he or she resides. If the data protection officer or the data subject asks for data from job applicants (e.g. health data such as severely disabled person or ethnic origin) so that the data protection officer or the data subject can exercise his or her rights under labour law and social security law and fulfil his or her obligations in this respect, the data is processed in accordance with Art. 9 (2) lit. b. DSGVO, in the case of the protection of vital interests of the applicants or other persons pursuant to Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the employee’s fitness for work, for medical diagnosis, health or social care or treatment or for the management of health or social care systems and services pursuant to Art. 9 (2) h. DSGVO. DSGVO. In the case of a communication of special categories of data based on voluntary consent, their processing is based on Art. 9 (2) lit. a.
We process personal data for the duration required for the respective purpose or purposes. In the case of longer-term storage obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.
Relevant legal basis
In accordance with Art. 13 of the GDPR, we will inform you of the legal basis for our data processing. If the legal basis is not stated in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 DSGVO, the legal basis for processing in order to provide our services and carry out contractual measures as well as responding to enquiries is Art. The legal basis for processing in order to fulfil our legal obligations is Art. 6 para. 1 lit. c DSGVO, and the legal basis for processing in order to protect our legitimate interests is Art. 6 para. 1 lit. f DSGVO. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) DSGVO serves as the legal basis.
We take measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing; The data controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, taking into account the state of the art and the nature, scope, context and purposes of the processing as well as the various probabilities of occurrence and the level of risk to the rights and freedoms of natural persons.
The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, transfer, securing the availability and separation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, the deletion of data and responses to threats to data. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and processes in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
&Communication of personal data
In the course of our processing of personal data, the data may be communicated to other bodies, companies, legally independent organisational units or persons or disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.
Data processing in third countries
If we process data in a third country (i.e.., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this is only done in accordance with the legal requirements.
Subject to explicit consent or contractually or legally required transfer, we process the data only in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certification or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).
Data protection declaration for cookies
The following cookie types and functions are distinguished:
- Temporary cookies (also:
- Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
- Permanent cookies:
- Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for range measurement or marketing purposes can be stored in such a cookie.
- First-party cookies: First-party cookies are set by ourselves.
- Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary (also: essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to save logins or other user entries or for security reasons).
Storage period: If we do not provide you with explicit information on the storage period of permanent cookies (e.g. in the context of a so-called cookie opt-in), please assume that the storage period can be up to two years.
- Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Persons concerned: Users (e.g. website visitors, users of online services).
- Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
Data protection declaration for SSL/TLS encryption
This website uses SSL/TLS encryption for reasons of security and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data that you send to us cannot be read by third parties.
Data transmission security (without SSL)
Please note that data transmitted via an open network such as the Internet or an e-mail service without SSL encryption can be viewed by anyone. You can recognise an unencrypted connection by the fact that the address bar of the browser shows “http://” and no lock symbol is displayed in your browser bar. Information transmitted via the Internet and content received online may be transmitted via third-party networks under certain circumstances. We cannot guarantee the confidentiality of communications or materials transmitted over such open or third-party networks.
When you disclose personal information over an open or third-party network, you should be aware that your information may be lost or potentially accessed by third parties who may collect and use the information without your consent. While in many cases the individual data packets are encrypted, the names of the sender and recipient are not. Even if the sender and the recipient live in the same country, the data transfer via such networks often takes place without controls via third countries, i.e. also via countries that do not offer the same level of data protection as your country of domicile. We accept no responsibility for the security of your data during transmission via the Internet and disclaim all liability for direct and indirect losses. We ask you to use other means of communication if you consider this necessary or reasonable for reasons of security.
Despite extensive technical and organisational security precautions, it is possible that data may be lost or intercepted and/or manipulated by unauthorised persons. As far as possible, we take appropriate technical and organisational security measures to prevent this from happening within our system. However, your computer is outside the security area under our control. It is your responsibility as a user to inform yourself about the necessary security precautions and to take appropriate measures in this regard. As the website operator, we are in no way liable for any damage that you may suffer as a result of data loss or manipulation.
Data that you enter in online forms may be passed on to commissioned third parties for the purpose of order processing and may be viewed and possibly processed by them.
Data protection declaration for server log files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This is:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
This data cannot be assigned to specific persons. A combination of this data with other data sources is not made. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
This website may use Google Maps for embedding maps, Google Invisible reCAPTCHA for protection against bots and spam and YouTube for embedding videos.
Google is committed to ensuring adequate data protection in accordance with the US-European and US-Swiss Privacy Shields.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
Data protection declaration for newsletter data
If you wish to receive the newsletter offered on this website, we require an e-mail address from you as well as information that allows us to check that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No other data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.
You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example by using the unsubscribe link in the newsletter.
Data protection declaration for the comment function on this website
For the comment function on this website, in addition to your comment, information on the time of the creation of the comment, your e-mail address and, if you do not post anonymously, the user name you have chosen will be stored.
Storage of IP address
Our comment function stores the IP addresses of users who post comments. Since we do not check comments on our site before they are activated, we need this data in order to be able to take action against the author in the event of legal violations such as insults or propaganda.
Subscribing to comments
As a user of the site, you can subscribe to comments after registering. You will receive a confirmation email to verify that you are the owner of the email address provided. You can unsubscribe from this function at any time via a link in the info mails.
Rights of data subjects
Right to confirmation
Every data subject has the right to request confirmation from the website operator as to whether personal data concerning him or her are being processed. If you wish to make use of this right of confirmation, you can contact the data protection officer at any time.
Right of access
Any person with personal data affected by the processing has the right to receive information free of charge from the operator of this website about the personal data stored about him or her and a copy of this information. Furthermore, information may be provided about the following information, if applicable:
- the purposes of the processing
- the categories of personal data processed
- the recipients to whom the personal data have been or will be disclosed
- if possible, the envisaged duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
- the purposes of the processing
- the categories of personal data processed
- the existence of a right to obtain the rectification or erasure of personal data concerning him or her, or to object to processing by the controller
- the existence of a right of appeal to a supervisory authority
- if the personal data are not collected from the data subject: All available information about the origin of the data
The data subject also has the right to be informed whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to obtain information about the appropriate guarantees in connection with the transfer.
If you would like to make use of this right to information, you can contact our data protection officer at any time.
Right of rectification
Any person affected by the processing of personal data has the right to demand the immediate rectification of inaccurate personal data concerning him or her. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary explanation, taking into account the purposes of the processing.
If you wish to exercise this right of rectification, you may contact our data protection officer at any time.
Right to erasure (right to be forgotten)
Any person concerned by the processing of personal data has the right to obtain from the controller of this website the erasure without delay of personal data concerning him or her, where one of the following reasons applies and where the processing is not necessary:
- The personal data have been collected or otherwise processed for purposes for which they are no longer necessary
- The data subject withdraws the consent on which the processing was based and there is no other legal basis for the processing
- The data subject objects to the processing for reasons related to his or her particular situation;
- The data subject objects to processing on grounds relating to his or her particular situation and there are no overriding legitimate grounds for the processing, or the data subject objects to processing in the case of direct marketing and related profiling
- The personal data have been processed unlawfully;
- The personal data are processed unlawfully
- The processing is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject
- The personal data have been collected in relation to information society services provided directly to a child
If one of the above reasons applies and you object to the processing, the data subject must provide the information to the controller; If one of the above reasons applies and you wish to arrange for the deletion of personal data stored by the operator of this website, you can contact our data protection officer at any time. The data protection officer of this website will ensure that the request is complied with immediately.
Right to restriction of processing
Any person concerned by the processing of personal data has the right to obtain from the controller of this website the restriction of processing where one of the following conditions is met:
- The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data
- The processing is unlawful, the data subject objects to the erasure of the personal data and requests the controller to erase the personal data;
- The controller no longer needs the personal data for the purposes of processing, but the data subject needs them for the establishment, exercise or defence of legal claims against the controller; The data subject has objected to the processing on grounds relating to his or her particular situation and it is not yet clear whether the legitimate interests of the controller override those of the data subject;
If one of the above-mentioned conditions is met, you may request the restriction of personal data stored by the operator of this website at any time by contacting our data protection officer. The data protection officer of this website will arrange the restriction of the processing.
Right to data portability
Every person concerned by the processing of personal data has the right to receive the personal data concerning him or her in a structured, valid and machine-readable format. The data subject also has the right to have the data transferred to another controller, if the legal conditions are met.
The data subject also has the right to have the personal data transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.
In order to assert the right to data portability, you may at any time contact the data protection officer appointed by the operator of this website.
Right to object
Every person affected by the processing of personal data has the right to object at any time to the processing of personal data concerning him or her on grounds relating to his or her particular situation.
The operator of this website shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or if the processing serves the purpose of asserting, implementing or defending legal claims.
To exercise the right to object, you can contact the data protection officer of this website directly.
Right to withdraw consent under data protection law
Any person affected by the processing of personal data has the right to withdraw consent given for the processing of personal data at any time.
If you wish to exercise your right to withdraw your consent, you can contact our data protection officer at any time.
This website uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font is used by your computer.
External payment service providers
This website uses external payment service providers whose platforms allow users and us to make payment transactions. For example, via
- PostFinance (https://www.postfinance.ch/de/detail/rechtliches-barrierefreiheit.html)
- Visa (https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html)
- Mastercard (https://www.mastercard.ch/de-ch/datenschutz.html)
- American Express (https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html)
- Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
- Bexio AG (https://www.bexio.com/de-CH/datenschutz)
- Payrexx AG (https://www.payrexx. ch/site/assets/files/2592/datenschutzerklaerung.pdf)
- Apple Pay (https://support.apple.com/de-ch/ht203027)
- Stripe (https://stripe.com/ch/privacy)
- Klarna (https://www.klarna.com/de/datenschutz/)
- Skrill (https://www.skrill.com/de/fusszeile/datenschutzrichtlinie/)
- Giropay (https://www. giropay.de/legal/data-protection-clause) etc.
In the context of the performance of contracts, we use the payment service providers on the basis of the Swiss Data Protection Ordinance and, where necessary, Art. 6 para. 1 lit. b. EU-DSGVO. Furthermore, we use external payment service providers on the basis of our legitimate interests in accordance with the Swiss Data Protection Ordinance and, where applicable, in accordance with Article 6 (1) (f) of the EU Data Protection Regulation. EU-DSGVO in order to offer our users effective and secure payment options.
The data processed by the payment service providers includes inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and payment amounts, as well as the contract, amounts and recipient-related information. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored by them. We as the operator do not receive any information about the (bank) account or credit card, but only information about the confirmation (acceptance) or rejection of the payment. Under certain circumstances, the payment service providers may pass on the data to credit agencies. The purpose of this transmission is to check the identity and creditworthiness of the customer. For this purpose, we refer to the general terms and conditions and data protection information of the payment service providers.
The terms and conditions and data protection information of the respective payment service providers, which can be accessed within the respective website or transaction applications, apply to the payment transactions. We also refer to these for further information and the assertion of revocation, information and other data subject rights.
Order processing in the online shop with customer account
We process the data of our customers in accordance with the data protection provisions of the Federal Data Protection Act. We process the data of our customers in accordance with the data protection regulations of the Federal Government (Data Protection Act, DSG) and the EU-DSGVO, within the framework of the ordering process in our online shop, in order to enable them to select and order the selected products and services, as well as their payment and delivery, or to carry out the order. The data processed includes master data (inventory data), communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services within the scope of operating an online shop, billing, delivery and customer services. We use session cookies, e.g. for saving the contents of the shopping basket, and permanent cookies, e.g. for saving the login status.
The processing is based on Art. 6 Para. 1 lit. b (carrying out order processes) and c (legally required archiving) DSGVO. The information marked as required is necessary for the justification and fulfilment of the contract. We only disclose the data to third parties within the scope of delivery, payment or within the scope of legal permits and obligations. The data is only processed in third countries if this is necessary for the fulfilment of the contract (e.g. at the customer’s request for delivery or payment).
Users can optionally create a user account, in which they can view their orders in particular. As part of the registration process, users are provided with the required mandatory information. The user accounts are not public and cannot be indexed by search engines, e.g. Google. If users have cancelled their user account, their data with regard to the user account will be deleted, subject to its retention being necessary for commercial or tax law reasons in accordance with Art. 6 Para. 1 lit. c DSGVO. Information in the customer account remains until it is deleted, with subsequent archiving in the event of a legal obligation. It is the responsibility of the users to save their data in the event of termination before the end of the contract.
We store the IP address and the time of the respective user action within the scope of registration and renewed registrations as well as use of our online services. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorised use. As a matter of principle, this data is not passed on to third parties, unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c DSGVO.
The data is deleted after the expiry of legal warranty and comparable obligations, and the necessity of storing the data is reviewed at irregular intervals. In the case of legal archiving obligations, the data will be deleted after their expiry.
Note on data transfer to the USA
Our website includes tools from companies based in the USA. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. For the reproduction of all files, the written consent of the copyright holder must be obtained in advance.
Whoever commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.
All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, accurate and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and up-to-dateness of information, including journalistic and editorial information. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected, unless it can be proven that the damage was caused intentionally or by gross negligence.
The publisher may change or delete texts at his own discretion and without prior notice and is not obliged to update the contents of this website. Use of or access to this website is at the visitor’s own risk. The publisher, its clients or partners are not responsible for any damage, such as direct, indirect, accidental, specific or consequential damage, which is alleged to have arisen as a result of visiting this website and consequently accept no liability for this.
The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are solely responsible for their content. The publisher thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.
We may amend this data protection statement at any time without prior notice. The current version published on our website shall apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.
Questions to the Data Protection Officer
If you have any questions about data protection, please write to us by email or contact the data protection officer in our organisation listed at the beginning of the privacy statement directly.