Privacy Policy
This privacy policy applies to all business units of Alcomo SA.
Data protection is a matter of trust, and your trust is important to us. We respect your personality and privacy. We also want to make sure that your personal data are protected and processed in accordance with the law.
We would like to inform you in the following which data we use for which purposes. If you have any further questions regarding the handling of your personal data, please do not hesitate to contact our data protection officer (see below for contact details).
When we refer in this privacy statement to the processing of your personal data, we mean any form of handling of your personal data. This includes, for example:
- the collection,
- storage,
- management,
- use,
- transmission,
- disclosure or
- deletion of your personal data.
If any inconsistencies arise between this Privacy Policy and the otherwise applicable contractual or business terms of Alcomo SA, the provisions of the agreed contractual or business terms shall prevail. The data protection information in this privacy policy is of a purely informative nature and Alcomo SA reserves the right to amend this data protection declaration at any time. The version published on this website at any given time shall apply.
1. How do we protect your personal data?
We have technical and organisational security procedures to maintain the security of your personal data and to protect your session data of this website and personal data against unauthorised or illegal processing and/or against unintentional loss, modification, disclosure or access. Nevertheless, you should always be aware that the transmission of data over the Internet and other electronic means entails certain security risks, and that we cannot give any guarantee for the security of data that are transmitted in this way.
We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with the relevant data protection regulation, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons.
For access to our website, HTTPS is used exclusively, whereby data is transmitted in encrypted form.
Nevertheless, the processing of personal data on the Internet can always have security gaps; Alcomo SA can therefore not guarantee absolute security.
2. How long do we keep data for?
We keep your personal data for as long as we consider necessary or appropriate to comply with the applicable laws or for as long as they are necessary for the purposes for which they were collected. We delete your personal data as soon as they are no longer required and there are no legal retention requirements.
Our hosting provider is based in Switzerland. The associated servers and the entire infrastructure are located in Switzerland and data is therefore stored in Switzerland.
You can find information about our website’s cookie storage in detail below.
3. What rights do you have in respect to your personal data?
You have the right to assert your data protection rights at any time, and to obtain information about your stored personal data, to rectify, add to, object to the processing of your personal data, or demand the deletion of your personal data. The deletion does not include the data we need to retain for administrative, legal or security-related needs. You will find details of how to contact us in section 4 below. We reserve the right to correspond with you electronically in this connection (especially by e-mail).
4. How can you contact us?
If you would like to assert your rights in respect of your personal data, or if you have any questions or concerns relating to the processing of your personal data, you can contact us as follows: https://www.alcomo.com/en/contact/. We will make every effort to respond to your questions or concerns immediately after receipt.
5. Who is the owner of the data collected?
The owner of the data collection is Alcomo SA, Ackerstrasse 45, CH-8610 Uster. Commercial register.
6. When do we collect your personal information?
We collect your personal data whenever we have contact with you. The situations in which we have contact with you are varied. For example, we collect your personal information in the following circumstances:
- When you purchase our goods or services via our websites or in direct contact with us;
- When you take part in our courses, seminars or training programs;
- When you claim a service from our Customer Services;
- When you use a service from us;
- When you register a product or service purchased from us;
- When you receive a newsletter or other advertisement about our products and services;
- When you take part in a competition or prize draw;
- When you take part in one of our market research promotions or surveys;
- When you use, or communicate with us or third parties via our websites, apps for mobile devices or offers on internet platforms, multimedia portals and/or social networks;
- When you communicate with us by telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS), video messaging or Instant Messaging;
- When you use our Alcomo HACCP app or the Alcomo Cockpit to document hygiene and food safety processes;
7. Which personal information do we collect?
The personal data collected are similarly varied. Firstly, we collect personal data which you make available to us. Secondly, we collect personal data which are automatically or manually recorded when you contact us, for example:
Data about you:
- Name and first name;
- Date of birth and age;
- Gender;
- Home address / business address;
- Customer and shopping preferences;
- Delivery address;
- Invoice address;
- Credit card and account information;
- Language preferences;
- Telephone number(s);
- E-mail address(es);
- Identification numbers of your technical devices;
- Customer numbers;
- Details of newsletters subscribed to or other publicity;
- Consent to receive advertising material;
- Online customer account information (including date of opening, user names, profiles);
- Memberships within our business unit;
- Data from the use of the Alcomo HACCP app or the Alcomo Cockpit for the documentation of processes in the area of hygiene and food safety, including configuration data such as employee data;
Data relating to customer activities
- Contract dates (including contract date, type of contract, contract provisions; parties to the contract; term of contract; contract value; claims lodged under contract);
- Purchasing information (including date of purchase; place of purchase; time of purchase; type, quantity and value of the products and services purchased; shopping basket; cancelled shopping basket; payment method used; paying agent; purchasing history);
- Customer service information (including product returns, complaints, guarantee claims, delivery information);
- Session dates with reference to visits to our websites, apps for mobile devices or offers on Internet platforms, multimedia portals and/or social networks (including duration and frequency of visits, language and regional defaults, information about browser and computer operating system, Internet Protocol addresses, search terms and search results; ratings submitted);
- Location data when using mobile devices;
- Communications by telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS), video messaging or Instant Messaging;
Content data
Examples of content data are:
- Text input;
- Photographs;
- Videos;
- Data from the use of our Alcomo HACCP app or the Alcomo Cockpit
Usage data
Examples of usage data, which are anonymized, are:
- Pages visited;
- interest in content;
- access times;
Meta / data communication
Examples of meta/communication data stored, for example, when using our app are:
- Device information;
- IP addresses;
Comments and posts
When users leave comments or other contributions, their IP addresses and email addresses may be stored. This is for our own safety, if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we can be prosecuted for the comment or post and are therefore interested in the identity of the author. Furthermore, we reserve the right to process the user’s data for the purpose of spam detection.
The data provided in the comments and contributions are stored by us permanently until the users object.
In our blog, the authors describe their subjective view of a topic. Readers have the opportunity to respond by commenting on the relevant post. Both authors and commentators have the option to use a pseudonym instead of their correct name. A valid e-mail address is required but will not be published. Please note: Blog posts as well as comments are visible to all internet users and very easy to find via search engines.
If you have posted a post or comment on our blog, you have the right to have it deleted or corrected by us.
Our blog offers the reader the opportunity to subscribe to posts and comments as an RSS feed. Depending on the RSS reader used, only the headline, but also the entire post, can be stored in it. We have no control over the deletion or correction of the data in subscribers’ RSS readers, from the moment a post or commentary is posted.
Embedded content from other websites
Alcomo SA deliberately refrains from using embedded content from third-party providers. This prevents information from being transmitted to the corresponding provider when a website is called up.
8. Why do we process personal data?
We process your personal data for a variety of purposes. These purposes can be summarized in different groups. In particular, we may process all or some of your personal data for one or more of the following purposes:
8.1 Purposes of processing in connection with our products and services
- Supply and sale of our products and services;
- Handling of orders and contracts, including sending of order and dispatch confirmations, delivery confirmations, delivery and invoicing;
- Organization and provision of courses, seminars or training programs;
- Organization and provision of customer service services;
- Organization and conduct of market research and surveys;
- Verification of customer creditworthiness.
8.2 Purposes of processing in connection with customer communication
- Provision, administration and realization of customer communication by post and via electronic communications media;
- Business communication by post and by telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS), video messaging or Instant Messaging;
- Assessing the use of our products by telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS) or Instant Messaging such as: type of use, frequency and duration of use, exact location of use.
8.3 Purposes of processing in connection with special activities and events
- Organization and realization of competitions or prize draws, including notification and publication of winners via our websites, apps for mobile devices or our products on Internet platforms, multimedia portals or social networks;
8.4 Purposes of processing in connection with the customer behavior analysis
- Optimization of our product range. This is done by means of individualized and personal, but also anonymous and group-based recording and evaluation of historical and current customer and purchasing behavior in our businesses or other premises – including the creation and analysis of location data and shopping basket analysis;
- Individualized and personal or anonymous and group-based recording and evaluation of historical and current purchasing behavior in the use of products on our websites, apps for mobile devices or on our Internet platforms, multimedia portals and/or social networks;
- Individualized and personal and/or anonymous and group-based identification, classification and analysis of current and potential customer needs and customer interests;
- Individualized and personal and/or anonymous and group-based categorization and analysis of customer behavior and customer potential:
- Statistical evaluation of customer behavior based on anonymized customer data;
- If you do not log in to our website, only anonymized data is stored. Even if you are logged in, the data is stored anonymously to analyze customer behavior. Only an additional cookie is set for customers who are logged in to ensure the functions for logged-in customers.
8.5 Purposes of processing in connection with direct marketing
- Simplification of procedures – such as purchases or bookings – and use of findings from the analysis of customer behavior for continual improvement of all product and service ranges;
- Avoidance of unnecessary advertising through findings from the analysis of customer behavior for individualized and personalized direct marketing;
- Sending of individualized and personalized advertising by post or by telephone, fax, e-mail, voicemail, text messaging (SMS), picture messaging (MMS), video messaging or Instant Messaging;
- Individualized and personalized matching of offers and advertising on our websites, apps for mobile devices or with our channels on Internet platforms, multimedia portals and/or social networks.
8.6 Purposes of processing in connection with the Alcomo HACCP app and the Alcomo Cockpit
The app serves to optimize HACCP & hygiene process documentation and ensures that you can comply with legal requirements efficiently and effectively. Here you will find an overview of the data processing practices specific to the Alcomo HACCP App and the Alcomo Cockpit:
- Purpose of data collection:
- Recording and management of HACCP & hygiene documentation.
- Improving service quality and user experience.
- Type of data collected:
- Employee data (names, roles within the app).
- HACCP and hygiene-related data (checklists, temperature records, cleaning plans, etc.).
- App configuration data (settings, preferences).
- Storage location:
- Data is transmitted in encrypted form and stored securely on Swiss servers.
- Storage duration:
- Data is stored for as long as is necessary for the purposes for which it was collected or to comply with legal requirements.
- Access rights:
- Access to data is strictly controlled and restricted to authorized persons.
- Safety measures:
- Comprehensive technical and organizational measures to protect data from unauthorized access and misuse.
9. Whom do we pass your personal data on to?
We may also pass your personal data on to third parties, in order to make use of technical or organizational services which we need to meet the purposes specified or for our other business activities. Our service providers are contractually bound to process personal data exclusively on our behalf and in accordance with our instructions. We also oblige our service providers to comply with technical and organizational measures which guarantee the protection of personal data. If the service providers are located in countries where the applicable laws do not provide any protection of personal data that is comparable with that provided by Swiss/European law, we will ensure by contract that the service providers concerned maintain the Swiss/European level of data protection.
We may also pass your personal data on if we regard this as necessary to comply with the applicable laws and regulations, for court proceedings, if required to do so by the competent courts and authorities, or under other legal obligations, in order to protect and defend our rights and/or our property.
10. How do we use cookies?
We also use so-called cookies on our website. These are small text files that are stored on your computer or mobile device when you use one of our websites. We would also like to provide you with comprehensive information about our use of cookies.
10.1 Why do we use cookies?
The cookies we use are primarily used to ensure the functions of our Internet pages – such as shopping cart functionality, security, language selection – or to obtain information on how we can improve our website. Currently, we only use technically necessary cookies.
10.2 Which cookies do we use?
There are different types of cookies. Session cookies are temporary cookies that are stored in the user’s Internet browser until all browser windows are closed and the session cookies are thus deleted. Permanent or persistent cookies are used for repeated visits and are stored in the user’s browser for a predefined time.
Detailed information on the cookies used and their storage time can be found on the following page: Cookies
10.3 Which data are stored in cookies?
The cookies we use can generally not be assigned to a specific person.
Generally, only a randomly generated and unique number, through which your computer is recognized, is stored. This makes web applications such as online stores and online banking possible: the website “remembers” you accordingly, so that, for example, the previously selected goods do not disappear from your shopping cart every time you open another page.
Exception: Cookies that can be stored when posting comments and the cookie that is necessary for logged-in customers store data that could be assigned to specific individuals. For the comment cookies, there is an opt-in procedure where you can accept or reject these cookies. The cookie that is necessary for logged-in customers is a technically necessary cookie.
If you agree to the comment cookies when writing comments, the name and e-mail address recorded in the comment form will also be saved in the cookies stored on your computer so that you do not have to enter this data again the next time you make a comment.
10.4 How can you can prevent the storage of cookies?
Most web browsers automatically accept cookies. They can, however, instruct your browser not to accept any cookies, or to ask you each time before a cookie from a website you have visited is accepted. You can also delete cookies from your computer or mobile device by using the appropriate function on your browser. If you decide not to accept our cookies, you will not be able to see certain information on our websites or use a number of functions which should improve your visit.
11. Newsletter
With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipient or a legal permission. Insofar as the contents of a newsletter are concretely described, they are authoritative for the consent of the users. Our newsletter contains information about our services and us. In addition, customers who use our Alcomo HACCP app receive newsletters about new features and tips on the app. We send this information associated with the service also without the specific consent of the user, based on the use of our services.
Double opt-in and logging: Registration for our newsletter is done in a so-called double-opt-in procedure. This means you will receive an e-mail after the registration, asking for confirmation of your registration. This confirmation is necessary so that nobody can register with foreign or fake e-mail addresses. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Likewise, changes to your data stored with the newsletter shipping service provider will be logged.
Credentials: To subscribe to the newsletter, it is sufficient to provide your e-mail address. Optionally, we ask you to give a name in the newsletter for personal address.
The dispatch of the newsletter and the performance measurement associated with it are based on the consent of the recipients in accordance with the relevant data protection regulation (e.g. GDPR).
The logging of the registration process is based on our legitimate interests in accordance with the relevant data protection regulation (e.g. GDPR). Our interest lies in the use of a user-friendly and secure newsletter system, which serves both our business interests and the expectations of the users and also allows us to prove the consents of the users.
Termination / Revocation – You may terminate the receipt of our newsletter at any time, ie. revoke your consent. A link to cancel the newsletter can be found at the end of each newsletter. We may save the submitted email addresses for up to three years based on our legitimate interests before we delete them to provide prove of the previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that at the same time the former existence of a consent is confirmed.
Newsletter mailing and usage analysis
Our newsletters are sent and subscriber data is managed via an internal process that is implemented on our server. This configuration ensures that all relevant data, including the e-mail addresses of our subscribers, is stored and processed directly on our own server. This gives us complete control over the security and processing of this information, which enables us to offer a high level of data protection and data security.
We use the Amazon Simple Email Service (Amazon SES) from Amazon Web Services, Inc. for the actual sending of email messages. (AWS) (410 Terry Avenue North, Seattle WA 98109, United States). Choosing Amazon SES as our email delivery service allows us to benefit from its high reliability and scalability, while the actual data management and storage remains on our server. By separating data management from email delivery, we can protect the privacy of our users while ensuring efficient and secure delivery of our newsletters.
The data you provide to receive the newsletter, such as your e-mail address, is stored on AWS servers in Germany, more precisely in Frankfurt. This ensures compliance with the General Data Protection Regulation (GDPR) by using servers within the EU. However, it should be noted that data may be transferred to other regions under certain circumstances. We have concluded an order processing contract with Amazon, which obliges AWS to protect our customers’ data and not to pass it on to third parties. For the transfer of data from the EU to other regions, AWS relies on the standard data protection clauses of the European Commission, which are intended to guarantee a European level of data protection in other countries as well.
Your consent to the storage of the data, e.g. your e-mail address, and its use for sending the newsletter is expressly given on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw this consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Analyzing the behavior of newsletter recipients through our newsletters sent with Amazon SES allows us to understand the interactions with the newsletter, including the open rate and the click rate on links within the newsletter. This analysis is carried out using web beacons or tracking pixels contained in the emails, which enable us to determine whether and when an email was opened and which links were clicked on.
In addition to the behavioral data, technical information such as the time of access, the IP address, the browser type and the operating system are also recorded in the newsletter analysis. These evaluations serve the purpose of recognizing the reading habits of our users and adapting our newsletter content accordingly or sending different content according to the interests of our users.
The privacy policy of Amazon Web Services, Inc. can be found under the following link: AWS Privacy Policy.
2. How do we use log files?
This website is hosted by a hosting provider in Switzerland. The associated servers and the entire infrastructure are located in Switzerland.
The hosting services used by us serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online presence.
In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this website on the basis of our legitimate interests in an efficient and secure provision of this website.
As with any connection to a web server, certain technical data is automatically stored. This includes the IP address, the operating system of your device, the date and time of use, the website from which you visit our website, the type of browser used and the amount of data transferred. This data is stored in log files.
The hoster collects this data to ensure the security and stability of its systems.
Analysis of the log files helps us to further improve our Internet products and make them more user friendly, to find and remove errors more quickly, and to control server capacities. Using log files, we can, for instance, determine the time when the use of our Internet products is particularly popular and make appropriate data volumes available to guarantee you optimum usage. Log files are stored for security purposes (for example, to investigate abusive or fraudulent activities) for a maximum of 7 days and are then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.
13. How do we use web analysis tools?
In order to constantly improve and optimise our Internet offering, we use what are known as tracking technologies. Web analysis tools provide us with statistics and graphics which provide us with information about the use of our websites. This involves data about the use of a website being transferred to the server used.
This data is collected anonymously by us, through the use of anonymizing software (plugin), and then anonymously sent to Google Analytics for display & analysis. With us, this data is only stored anonymously and since the data is already anonymized with us, Google Analytics does not receive any personal data.
14. Use of third-party services?
14. How do we use social plugins?
Alcomo SA is present on social media platforms to additionally inform about its projects and communicate with interested parties.
On our own website, we deliberately refrain from integrating plugins from such third-party providers. This prevents information from being transmitted to the social media platform when a website is called up. The social media platforms are linked to exclusively.
By calling up such an external platform, personal data may also be processed outside Switzerland; Alcomo SA has no influence on this. The respective terms of use and privacy policy apply to these platforms.
14.2 Google Fonts
Fonts from Google (“Google Fonts”) are used on this website to guarantee a consistent appearance. These are deliberately loaded from your own hosting.
Connections to a third-party provider are omitted, and no data is transmitted to Google in this context. This advantage is bought by slightly longer loading times when connecting to this website for the first time.
14.3 Google ReCaptcha
We integrate the function for detecting bots (“ReCaptcha”), e.g. when entering data in online forms. “ReCaptcha” is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to protect our website from malicious spam attacks. This is done on the basis of our legitimate interest in the security of our website and the defense against unwanted automated access in accordance with Art. 6 para. 1 lit. f GDPR.
Privacy Policy of Google: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
14.4 Cloudflare Turnstile
To increase the security of our website and to prevent automated access by bots, we use Cloudflare Turnstile on our website. Turnstile is a service provided by Cloudflare, Inc. and allows us to determine whether a website visitor is a human or a bot without displaying captchas. This improves the user-friendliness of our website by no longer forcing users to solve captchas and at the same time helps to protect our website and the services offered on it from abuse and SPAM.
The use of Cloudflare Turnstile is based on our legitimate interest in the security of our website and the defense against unwanted automated access in accordance with Art. 6 para. 1 lit. f GDPR. Turnstile recognizes visitors to our site as human users without collecting or storing personally identifiable information. Processing is exclusively anonymized, which means that individual users cannot be identified.
Cloudflare, Inc. is headquartered in the USA and the data processed by Turnstile may be transferred to a country outside the European Union or the European Economic Area. However, Cloudflare is subject to data protection regulations that guarantee the protection of your data in accordance with European standards. For more information on data processing by Cloudflare and your rights and settings options to protect your privacy, please refer to Cloudflare’s privacy policy: https://www.cloudflare.com/privacypolicy/.
Date 01.04.2024
Version 4
Public register of notifications
- Name and Address of data-controlling unit: Alcomo SA, Ackerstrasse 45, 8610 Uster
- Chief Executive Officer: Dipl. Oec. Troph., MAS Food Safety Management C. Wolf-Samson
- Purposes of data recording, processing or use: Alcomo SA is a leading service company active in the Gastronomy, Catering, Food Industry and Aviation/Airline Industry. Its range of services embraces consultancy, inspections, audits and expert opinions as well as training. Our objectives are food safety and quality assurance as well as cost effectiveness. Data is recorded, processed and used for the above purposes.
- Description of the circle of persons affected and associated data and data categories: Data of customers, employees and suppliers in as far as these are required to fulfill the purposes stated under Article 3 above.
- Recipients or categories of recipients to which such data may be disclosed:Public bodies in cases involving overriding legal regulations, external customers in line with the laws in force and external and internal units of Alcomo SA to fulfill the purposes stated above under 3.
- Data retention periods prescribed by law: The legislator has laid down various retention periods and duties. After expiry of these periods, the data in question will be routinely deleted. Any information not governed by these stipulations, will be deleted when the purposes stated above under Article 3 cease to apply.
Alcomo SA, Chief Executive Officer