Data protection

Privacy Policy

With this privacy policy, we would like to inform you about the nature, scope, and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data is any data that relates to you personally, e.g., name, address, email address, or your user behavior. This privacy policy applies to all data processing operations carried out by us, both within the scope of our core activities and for the online media maintained by us.

Who is responsible for data processing at our company

The controller for data processing is:

Wäfler Diagnostics AG
Markus Wäfler
Breitenstrasse 17
6047 Kastanienbaum
Switzerland
0792084550
info@waefler-diagnostics.ch
www.waefler-diagnostics.ch

Your Rights under the GDPR

Under the GDPR, you have the following rights, which you can assert at any time with the controller mentioned in section 1 of this privacy policy:

  • Right to information: You have the right to request information from us as to whether and which data we process about you.
  • Right to rectification: You have the right to request the rectification of inaccurate data or the completion of incomplete data.
  • Right to erasure: You have the right to request the erasure of your data.
  • Right to restriction of processing: In certain cases, you have the right to request that we restrict the processing of your data.
  • Right to data portability: You have the right to request that we transmit your data to you or another controller in a structured, commonly used, and machine-readable format.
  • Right to complain: You have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible is that of your usual place of residence, your workplace, or our company's registered office.

Right of withdrawal

You have the right to withdraw your consent to data processing at any time.

Right to object

You have the right to object at any time to the processing of your data based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR. If you exercise your right to object, we ask you to state the reasons. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests and rights.

Notwithstanding the foregoing, you have the right to object at any time to the processing of your personal data for the purposes of advertising and data analysis.

Please send your objection to the contact address of the controller provided above.

When do we delete your data?

We delete your data when we no longer need it or when you instruct us to do so. This means that – unless otherwise stated in the individual privacy notices of this privacy policy – we delete your data,

  • when the purpose of data processing has ceased to exist and thus the respective legal basis stated in the individual privacy notices no longer applies, e.g.,
    • after the termination of the contractual or membership relations existing between us (Art. 6 Para. 1 lit. a GDPR) or
    • after our legitimate interest in the further processing or storage of your data (Art. 6 Para. 1 lit. f GDPR) has ceased to exist,
  • if you exercise your right of withdrawal and no other legal basis for processing within the meaning of Art. 6 Para. 1 lit. b-f GDPR applies,
  • if you exercise your right to object and there are no compelling legitimate grounds against erasure.

However, if we still need to retain (certain parts of) your data for other purposes, for example, because tax retention periods (usually 6 years for business correspondence or 10 years for accounting records) or the establishment, exercise, or defense of legal claims arising from contractual relationships (up to four years) require it, or the data is needed to protect the rights of another natural or legal person, we will only delete (that part of) your data after these periods have expired. Until these periods expire, however, we will restrict the processing of this data to these purposes (fulfillment of retention obligations).

Cookies

Our website uses cookies. Cookies are small text files, consisting of a series of numbers and letters, that are placed and stored on the device you are using. Cookies primarily serve to exchange information between the device you are using and our website. This includes, among other things, language settings on a website, login status, or the point at which a video was watched.

When you visit our websites, two types of cookies are used:

  • Temporary Cookies (Session Cookies): These store a so-called session ID, which allows various requests from your browser to be assigned to the common session. Session cookies are deleted when you log out or close your browser.
  • Permanent Cookies: Permanent cookies remain stored even after the browser is closed. This allows our website to recognize your computer when you return to our website. Information such as language settings or login information is stored in these cookies. In addition, your surfing behavior can be documented and stored with these cookies. This data can be used for statistical, marketing, and personalization purposes.

In addition to the above classification, cookies can also be distinguished based on their purpose:

  • Necessary Cookies: These are cookies that are absolutely essential for the operation of our website, to store logins or shopping carts for the duration of your session, or cookies that are set for security reasons.
  • Statistics, Marketing, and Personalization Cookies: These are cookies that are used for analysis purposes or for audience measurement. Such "tracking" cookies can store, in particular, information about entered search terms or the frequency of page views. In addition, the surfing behavior of an individual user (e.g., viewing certain content, using functions, etc.) can also be stored in a user profile. Such profiles are used to display content to users that corresponds to their potential interests. Insofar as we use services through which cookies for statistical, marketing, and personalization purposes are stored on your device, we will inform you separately about this in the following sections of our privacy policy or as part of obtaining your consent.

Affected data:

  • Usage data (e.g., access times, clicked websites)
  • Communication data (e.g., information about the device used, IP address).

Affected persons: Users of our online services

Purpose of processing: Displaying our websites, ensuring the operation of our websites, improving our online offering, communication and marketing

Legal basis:
Legitimate interest, Art. 6 Para. 1 lit. f GDPR
If we do not obtain your consent for setting cookies, we base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website, especially its content and functions. You can object to the use of cookies set by us based on our legitimate interest via your browser's security settings. There you have the option to specify whether you accept cookies not at all or only on request, or whether cookies should be deleted after each time you close your browser. If cookies are disabled for our website, it may no longer be possible to use all functions of the website to their full extent.

Webhosting

We use a provider to host our websites, on whose servers our websites are stored and made available for retrieval on the internet (hosting). In doing so, the provider may process all data transmitted by your browser that arises during the use of our websites. This includes, in particular, your IP address, which the provider needs to deliver our online offering to your browser, as well as all entries you make via our website. In addition, the provider we use can

  • the date and time of access to our website
  • Time zone difference to Greenwich Mean Time (GMT)
  • Access status (HTTP status)
  • the amount of data transferred
  • the internet service provider of the accessing system
  • the type of browser you are using and its version
  • the operating system you are using
  • the website from which you may have reached our website
  • the pages or sub-pages you visit on our website.

collect. The aforementioned data are stored as log files on our provider's servers. This is necessary to ensure the stability and security of our website's operation.

Affected data:

  • Content data (e.g., posts, photos, videos)
  • Usage data (e.g., access times, clicked websites)
  • Communication data (e.g., information about the device used, IP address)

Affected persons: Users of our website

Purpose of processing: Displaying our websites, ensuring the operation of our websites

Legal basis: Legitimate interest, Art. 6 Para. 1 lit. f GDPR

Webhoster commissioned by us:

 

Service provider: Novatrend Services
Website: https://www.novatrend.ch/de/
Privacy Policy: https://www.novatrend.ch/de/datenschutz

Shopify International Limited

Service Provider: Shopify International Limited
Website: Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland.
Privacy Policy: https://www.shopify.com

Registration, Login, and User Account

You have the option to register on our online platform to create a user account. This requires providing personal data as requested in the input mask. The data requested there particularly includes your name, email address, possibly a username, and password. This data is stored and processed by us to set up a user account for you and to enable (repeated) logins. You can change or delete the data at any time. The data will not be passed on to third parties unless this serves the technical and organizational processing of the user agreement between us. To protect you and us from fraudulent registrations, we store the IP address assigned to you at the time of registration, as well as the date and time of registration.

Affected data:

  • Inventory data (e.g., names, addresses)
  • Contact data (e.g., email address, phone number, postal address)
  • Contract data (e.g., subject of contract, contract duration)
  • Payment data (e.g., bank account details, invoices)
  • Content data (e.g., posts, photos, videos)
  • Usage data (e.g., access times, clicked websites)
  • Communication data (e.g., information about the device used, IP address)

Purpose of processing: Fulfillment of contractual services, communication and answering contact inquiries, security measures.

Legal basis: Fulfillment of contract and pre-contractual inquiries, Art. 6 Para. 1 lit. b GDPR, legal obligation, Art. 6 Para. 1 lit. c GDPR, legitimate interest, Art. 6 Para. 1 lit. f GDPR

Deletion: See the section: "When do we delete your data?". In addition, we would like to point out that we delete the data collected during registration and the content data stored in the account, subject to any legal retention obligations, as soon as you delete your account. Therefore, if you wish or need to access the content data stored in your account even after deleting your account, please secure it elsewhere before deleting the account.

Processing of your data when placing an order in our online shop

If you place orders through our online shop, we process the information you provide during the ordering process to fulfill your order. This includes, in particular, your name, address, and electronic contact details, information for processing payments, and details of your specific order. We will inform you during the ordering process which data we require in detail.

If it is necessary for the fulfillment of the contract concluded between us, for the protection of your vital interests, or due to legal provisions, we will transmit your data to third parties, such as the logistics company entrusted with delivery, payment service providers for payment processing, and our tax advisor, while observing your rights. Insofar as we use third-party providers to provide our services, the privacy policies of the respective third-party providers apply.

 

 

 

Advertising measures: We may also use the data you provide to inform you by post or email about similar interesting products and/or services after an order has been placed.

 

 

Affected data:

  • Inventory data (e.g., names, addresses)
  • Payment data (e.g., bank account details, invoices)
  • Contact data (e.g., email address, phone number, postal address)
  • Contract data (e.g., subject of contract, contract duration)
  • Usage data (e.g., access times, clicked websites)
  • Communication data (e.g., information about the device used, IP address)

Affected persons: Customers, interested parties, business and contractual partners

Purpose of processing: Order processing, communication and, if applicable, marketing, as well as answering inquiries, data security, office and organizational procedures

Legal basis: Fulfillment of contract and pre-contractual inquiries, Art. 6 Para. 1 lit. b GDPR, legal obligation, Art. 6 Para. 1 lit. c GDPR, legitimate interest, Art. 6 Para. 1 lit. f GDPR

Online Advertising

We use services for displaying online advertisements. Through the services we use, certain user data is collected via a cookie or pixel. This includes, in particular, information about which website you came from to our website (so-called referrer), which pages of our website you accessed, how long you visited our pages, and what interactions you performed there. In addition, data about the browser you are using, computer system, and device type are collected. Furthermore, such a service can also collect demographic information, such as age or gender, as pseudonymous values. If you have consented to the collection of your location data, this may also be processed, depending on the provider. To collect and store this data, the respective service places a cookie or a so-called tracking pixel on the device you are using, which also collects your associated IP address. However, this is truncated using a so-called IP masking procedure, so that the IP address can no longer be associated with your visit to our website. In principle, no clear data such as names or email addresses are stored when using the respective service. This is only the case if you are a member of a social network that offers one of the services mentioned below and links your profile with the aforementioned data material.

The data is evaluated by the service we use to generate a report with statistical statements about the number of visitors generated through advertising and the success of the advertising measure. The reports show, among other things, the total number of users who were directed to our website via our ads. In addition, the reports contain information about the users' devices and browsers, where the users were located, and at what times the advertisement was clicked. However, the reports do not contain any information that would allow you to be personally identified as a user of our site.

We would like to point out that, depending on the location of the service provider, the data collected via the service may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be maintained and that the enforcement of your rights may not be possible or may only be possible with difficulty.

Affected data:

  • Usage data (e.g., access times, clicked websites)
  • Communication data (e.g., information about the device used, IP address)

Affected persons: Users of our online services

Purpose of processing: Reach measurement, success monitoring of campaigns, remarketing, and interest- and behavior-based marketing

Legal basis: If we have asked for your consent before using the respective service, this constitutes the legal basis, Art. 6 para. 1 lit. a GDPR. Otherwise, we use the respective service based on our legitimate interest in directing visitor traffic to our website, analyzing this visitor traffic to continuously improve the functions, offers, and user experience, Art. 6 para. 1 lit. f GDPR.

We use the following service providers for online advertising:

Facebook Pixel

Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
European headquarters: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com
Privacy Policy: https://www.facebook.com/about/privacy
Opt-out option: https://www.facebook.com/settings?tab=ads

Google Ads

Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
European headquarters: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://ads.google.com/home/
Privacy Policy: http://www.google.de/intl/de/policies/privacy

Web analytics and statistics

To record and statistically evaluate visitor traffic on our website, we use web analysis services. Such services collect data about, among other things, from which website you arrived at our website (so-called referrers), which pages of our website you accessed, how long you visited our pages, and what interactions you made there. In addition, data about the browser, computer system, and device type you used is collected. Such a service can also collect demographic information, such as age or gender, as pseudonymous values. If you have consented to the collection of your location data, this may also be processed, depending on the provider.

To collect and store this data, the web analysis service we use usually places a cookie on the device you are using, which also collects your assigned IP address. However, this is shortened using a so-called IP masking procedure, so that the IP address can no longer be assigned to your visit to our website. In addition, no clear data such as names or e-mail addresses are stored. Neither we nor the service we use know the identity of the visitors to our websites.

However, when collecting data, the service provider can create pseudonymous usage profiles with information from the use of various devices by using cookies.

We would like to point out that, depending on the country of establishment of the service provider mentioned below, the data collected via the service may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be maintained and that the enforcement of your rights may not be possible or may only be possible with difficulty.

Affected data:

  • Usage data (e.g., access times, clicked websites)
  • Communication data (e.g., information about the device used, IP address).

Affected persons: Users of our online services

Purpose of processing: Reach measurement, success monitoring of campaigns, remarketing, and interest- and behavior-based marketing

Legal basis: If we have asked for your consent before using the respective service, this constitutes the legal basis, Art. 6 para. 1 lit. a GDPR. Otherwise, we use the respective service based on our legitimate interest in analyzing the visitor traffic of our websites to continuously improve the functions, offers, and user experience, Art. 6 para. 1 lit. f GDPR.

We use the following web analysis services:

Google Analytics 4

Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Headquarters within the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://marketingplatform.google.com/intl/de/about/analytics/
Privacy Policy: https://policies.google.com/privacy?hl=de
Note on data transfer to Google Analytics servers: When our website is accessed within the EU (based on the geographical location according to the IP address), the IP address assigned to you is collected exclusively via servers in the EU and used as geolocation data, only to be deleted immediately afterwards. It is neither logged nor used in any other way. The other measurement data is then forwarded to Google Analytics servers for evaluation.
Opt-out option: If you do not want your data to be used by Google Analytics, you can set an opt-out plugin, which will prevent your data from being collected on our website in the future. You can obtain this plugin here: https://tools.google.com/dlpage/gaoptout?hl=de

Our online presences on social networks

We maintain online presences within the social networks listed below. If you visit one of these presences, the data listed in more detail below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and user profiles are created. Data can be stored in the user profiles regardless of the device you use. This is particularly the case if you are a member of the respective platform and are logged in there. The user profiles can be used by the providers to display interest-based advertising to you. You have a right to object to the creation of user profiles. To exercise this, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when visiting our website, the respective provider can collect data about your usage behavior on our website. To prevent such a link of your data, you can log out of the provider's service before visiting our site.

You can find out for what purpose and to what extent data is collected by the provider from the respective data protection declarations of the providers provided below.

We would like to point out that, depending on the country of establishment of the provider mentioned below, the data collected via their platform may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be maintained and that the enforcement of your rights may not be possible or may only be possible with difficulty.

Affected data:

  • Inventory and contact data (e.g. name, address, telephone number, e-mail address)
  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, clicked websites)
  • Communication data (e.g. information about the device used, IP address).

Purpose of processing: Communication and marketing, tracking and analysis of user behavior

Legal basis: Consent, Art. 6 para. 1 lit. a GDPR, legitimate interests Art. 6 para. 1 lit. f GDPR

Objection options: For the respective objection options (opt-out), we refer to the information from the providers linked below.

We maintain online presences on the following social networks:

Facebook

Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com/
Privacy Policy: https://www.facebook.com/about/privacy/
Privacy Policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data

Instagram

Service provider: Instagram Inc., 1601 Willow Road, Menlo Park CA 94025, USA
Parent company: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Website: https://www.instagram.com/
Privacy Policy: http://instagram.com/about/legal/privacy

Security measures

In addition, we implement state-of-the-art technical and organizational security measures to comply with data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.

Timeliness and amendment of this privacy policy

This privacy policy is currently valid and was last updated in May 2026. Due to changes in legal or official requirements, it may be necessary to adapt this privacy policy.

This privacy policy was created with the help of the data protection generator from SOS Recht. SOS Recht is an offer of Mueller.legal Rechtsanwälte Partnerschaft based in Berlin.