Data protection policy

Thank you for your visit to our website. Compliance with data protection regulations is a particularly important issue for our company. The purpose of this data protection policy is to inform you as a user about the nature, scope and purposes of processing personal data and your rights if you are considered a person. Article 4, point 1) of the General Data Protection Regulations (GDPR). The data protection policy presented here already takes into account new developments related to the General Data Protection Regulation (GDPR), which entered into force on May 25, 2018. This policy also meets the requirements until then provisions of article 13 of the German Federal Telecommunications Media Law (TMG).

Responsible for data processing

This website and the services offered are operated by CORELL SNC – whose head office is located : ZA La pièce 1 1180 Rolle Switzerland Tél. : +41 (0)76 401 49 06 E-mail : contact@corellnatural.ch Website : www.corellnatural.ch Director : Mme Caroline Dumas 

General information

Our website has been designed to collect as little data as possible about you. It is in principle possible to visit our website without entering any personal data. Processing personal data is only necessary if you decide to use certain services (for example, if you use the contact form). This ensures that we process your personal data in accordance with a legal basis or consent you have given at all times. We comply with the provisions of the General Data Protection Regulation (GDPR), applicable from 25/05/2018, as well as national regulations such as the German Federal Data Protection Act (GFDPA), the German Federal Telecommunications Media Act (TMG) and other specific data protection legal provisions.

Definitions

In accordance with the GDPR, the terms used in this data protection policy are defined as : « personal data » : any information relating to an identified or identifiable individual (hereinafter referred to as “concerned person”); is deemed to be an “identifiable natural person” a natural person who can be identified, directly or indirectly, including by reference to an identifier, such as a name, identification number, location data, online identifier, or one or more specific elements specific to their physical, physiological, genetic, psychic, economic, cultural or social identity ; « processing » : any operation or set of operations performed or not using automated processes and applied to personal data or data sets, such as collection, recording, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, interconnection, interconnection or other form of provision, interconnection or interconnection, erasure or destruction ; « Processing limitation » : marking retained personal data to limit future processing ; « pseudonymization » : the processing of personal data in such a way that it can no longer be attributed to a specific person concerned without recourse to additional information, provided that this additional information is kept separately and subjected to technical and organizational measures to ensure that personal data is not attributed to an identified or identifiable individual ; « responsible for processing » : the natural or legal person, public authority, service or other body that, alone or in conjunction with others, determines the purposes and means of treatment; where the purposes and means of such treatment are determined by EU law or the law of a Member State, the person responsible for the treatment may be appointed or the specific criteria applicable to its designation may be provided for by EU law or by the law of a Member State ; « subcontractor » : the individual or corporation, the public authority, the service or another body that processes personal data on behalf of the person responsible for the processing ; « recipient » : the natural or legal person, the public authority, the service or any other organization that receives personal data, whether or not it is a third party. However, public authorities that are likely to receive disclosure of personal data in the context of a particular fact-finding mission in accordance with EU law or the law of a Member State are not considered to be recipients; The processing of this data by the public authorities in question complies with applicable data protection rules according to the purposes of the processing; « third party » : a natural or legal person, a public authority, a service or an organization other than the person concerned, the person in charge of the treatment, the subcontractor and persons who, under the direct authority of the person in charge of the treatment or subcontractor, are authorized to process personal data ; « consent » of the person concerned: any expression of will, free, specific, informed and unequivocal by which the person concerned accepts, by a clear statement or by a clear positive act, that personal data concerning him or her be treated ;

Consent

When you visit our website, we sometimes collect certain personal data about you. To do so, we seek your consent. The request for consent takes place at the first opportunity in the dialogue and service space of our site, especially when contacting by contact form, a request to receive a newsletter, a booking request or a request for a reservation use of our services (e.g. pregnancy schedule or subscription service). Declaration of consent
 Using the forms we provide, you consent to us collecting the personal data you provide and treating it as outlined in this data protection policy. You can withdraw your consent at any time without retroactive effect by sending us an appropriate return. However, please note that the use of our service is no longer possible without your consent. To withdraw your consent, please use the above contact methods (in this case, please include your name, email address and postal address).

Purpose and legal basis for the processing of personal data

We process the requested personal data in order to legitimize, execute or process our service offering, with the legal basis of Article 6, paragraph 1, point b) of the GDPR. If we use external service providers as part of a data processing delegation, the legal basis for data processing is Article 28 of the GDPR. Our collection, processing and use of personal data are exclusively limited to the following purposes :

Personal data collected and processed

We only collect and process your personal data when it is freely provided by you, e.g. when you fill out forms or send emails. The data concerned is first and foremost the data the following data in the forms provided : General information :
 •    Title •    Civility* •    First name* •    Name* •    Phone number •    E-mail* •    Address 1* •    Address 2 •    Zip code* •    City* •    Country •    Request* •    Message* CORELL satisfaction notice : •    Title •    Civility* •    First name •    Name •    Age •    E-mail* •    Date of birth •    Country •    Zip code* •    Reviews/Impressions CORELL user account :
 •    Title •    Civility* •    First name* •    Name* •    Phone number •    E-mail* •    Address 1* •    Address 2 •    Zip code* •    City* •    Country Guest account :
 •    Title •    Civility* •    First name* •    Name* •    E-mail* •    Country The personal data you provide and its contents are backed up in Switzerland to our account by the Swiss-based hosting company Infomaniak. We store and process your data only for the purposes set out in item 5. Any use outside the scope of the stated purposes requires your explicit consent, as well as the transfer and disclosure of your data to third parties.

History files

The computer login data that made the query (IP address), the pages you visit on our site, the date and duration of your visit, the browser identification data and the type of operating system used, the web page from which comes from your visit and the indication of a successful access are temporarily recorded by the web server in history files. The technical management of web pages and the anonymous collection of statistics allow an assessment of access to the CORELL service as well as an evaluation aimed at improving data protection and security within our company, in order to guarantee a optimal level of protection for the personal data we process. Server history data is kept for analysis separately from all personal data entered by you, for a period of 12 months, before being deleted.

Cookies

We use cookies and similar tools to provide you with a personalized browsing experience. Please check out our Cookie Presentation for more information on how CORELL uses cookies and similar tools.

Product Reviews

On this web page, you have the option to leave a review of the products. The notice appears with your full first name and the first letter of your name. Therefore, you must use your first name, name and email address to create a user account and/or identify yourself. The pseudonym consisting of your full first name and the first letter of your name is indicated as the author of the notice, and the associated identification details are only known to the administrator.

CORELL product testers

If you have been selected as a CORELL product tester, we will keep your mailing address, email, first and last name. We use your postal address only to send you the product to be tested and, if necessary, the winning prize.

Final provisions
  1. If one of the provisions of these TCs were to prove or become totally or partially ineffective, the validity of the other provisions would not be affected. Ineffective provisions will be replaced by a corresponding provision as much as possible for the original intent of the parties.
  2. The contract between CORELL, the customer, and these TCs is exclusively subject to Swiss material law, excluding the rules of conflict of laws. The applicability of the United Nations Convention on Sales Contracts (UNCSC) is expressly excluded.
  3. Any dispute arising from or in connection with the contract between CORELL, the client, and these TCs (including their valid acceptance) will be submitted exclusively to the court at CORELL’s head office.
Competition on Facebook

Personal data is kept for the duration of the competition in order to distribute any prizes. The data is deleted once the contest is over. In some specific cases, when the number of lots distributed is large, the data is forwarded to an external service provider mandated to ship the prizes to the winners. The participant can withdraw his consent to the retention of the data at any time by contacting contact@corellnatural.ch and thus withdrawing his participation. The participant also agrees, for the contests concerned, that the photo or notice that he communicates with his full first name and the first letter of his name can be published in connection with the contest and the obtaining of any prize, after our agreement, on the web page CORELL or on the Facebook or Instagram accounts of CORELL. The participant is himself responsible for the legality of the uploaded photos, especially from the point of view of the right to the image. CORELL reserves the right not to approve photos or texts with clearly illegal content (these photos are not publicly displayed and are excluded from the contest).

Integration of third-party content and services

Our website can use content and services from other providers, including maps and videos provided by Google Maps and YouTube. The user’s IP address must be transmitted to ensure that this data can be accessed and displayed in their browser. Providers (hereafter referred to as “third-party providers”) therefore use the user’s IP address. Although we strive to only use third-party providers that only request the IP address to provide content, we have no influence on the possibility that the IP address will be retained, particularly for statistical purposes. If we find out that the IP address is retained, we’ll let you know. Using Google Analytics
 This web page uses Google Analytics, a website analytics service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). The information extracted by the cookie about your use of this web page is usually transmitted to a Google server located in the United States, where it is stored. IP anonymization is enabled on our web page, which means that your IP address is previously truncated by Google within the Member States of the European Union or other states contracting to the European Economic Area (EEA) agreement. In exceptional cases only, the IP address is transmitted in its entirety to a Google server located in the United States, and truncated a second time. In these exceptional cases, in accordance with Article 6, paragraph 1 of the GDPR, this treatment is based on our legitimate interests in statistical analysis of user behavior for optimization and marketing purposes. Google uses this information on our behalf to assess your use of the web page, to report on the activity of web pages and to provide additional services associated with the use of web pages and the Internet to our company, the operator of the web page. The IP address sent by your browser as part of Google Analytics is not combined with other Google data. You can prevent cookies from being stored by changing your browser’s corresponding settings; however please note that in this case, you may not be able to fully use all of the functions of this web page. You can also prevent Google from collecting cookie-extracted data about your use of the web page (including your IP address) and processing that data by Google by downloading and installing the available browser module by following the following link : http://tools.google.com/dlpage/gaoptout?hl=fr. Another option is to stop Google Analytics from recording data using a “deactivation cookie.” Google LLC, headquartered in the United States, is certified as part of the EU-U.S. Privacy Shield, which ensures compliance with the level of data protection applicable within the EU. For more information on user data usage in Google Analytics, please refer to Google’s data protection policy : https://support.google.com/analytics/answer/6004245?hl=fr
You’ll find Google’s data protection policy at : https://policies.google.com/privacy/partners?hl=fr Using Google Maps 
 On this web page, we can use Google Maps (API), provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). Google Maps is a web service that displays interactive maps for viewing geographic information. This service is used to tell you where we are going, so it’s easier for you to get to us. When you access subpages that include Google Maps, information about your use of our website (such as your IP address) is sent to Google servers in the United States, where it is stored. This takes place regardless of whether you are connected to a user account provided by Google or do not have a user account. If you’re connected to a Google service, your data is directly linked to your account. If you don’t want the data to be linked to your Google profile, you need to log out before you turn on the button. Google keeps your data (including for unconnected users) as usage profiles and analyzes it. Such analyses are carried out in accordance with Article 6, paragraph 1, point f) of the GDPR, based on Google’s legitimate interest in the delivery of personalized advertisements, the conduct of market research and/or a needs-based website design. You have the right to object to the creation of these usage profiles. To exercise this right, you must contact Google. Google LLC, headquartered in the United States, is certified as part of the EU-US Privacy Shield, which ensures compliance with the level of data protection applicable within the EU. If you don’t want your data to be transmitted to Google in the future in connection with using Google Maps, you can also disable the Google Maps service entirely by disabling the JavaScript app in your browser. Google Map and the map display on this website will no longer be able to be used.  You can see Google’s terms and conditions at http://www.google.fr/intl/en/policies/terms/regional.html. Additional terms of use for the use of Google Maps are available at https://www.google.com/intl/fr/help/terms_maps.html
For detailed data protection information related to the use of Google Maps, it is possible to visit Google’s website (“Google’s data protection policy”) : http://www.google.fr/intl/fr/policies/privacy/

Data security

We cannot guarantee the security of computer equipment for visitors, such as PCs, tablets, smartphones, Wi-Fi connections, etc., used to access CORELL websites. We remind you that it is the responsibility of users to ensure the safety of its own computer equipment. We take technical and organizational measures to protect our website from the loss, destruction, modification or dissemination of your data by unauthorized persons, as well as access to those same persons. Data. In particular, we transfer your personal data in encrypted form. Our security measures are constantly being improved as technology advances are implemented.

Human rights

If you are considered to be a concerned person as defined in Article 4, point 1 of the GDPR, you have the following rights under the GDPR to process your personal data. The legal document corresponding to the rights presented below is available at http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/fr/pdf Right to confirmation and access In accordance with the provisions of Article 15 of the GDPR, you have the right to request confirmation that your personal data is or is not being processed, and you have the right that the processing officer will give you access to the personal data stored about you, at any time and free of charge, and to receive a copy of it. Right to rectification In accordance with the provisions of Article 16 of the GDPR, you have the right to request that inaccurate personal data about you be corrected as soon as possible. Given the purposes of the treatment, you also have the right to have incomplete personal data completed, including by providing a supplementary statement. Right to erasure
 In accordance with the provisions of Article 17 of the GDPR, you have the right to ask CORELL to delete, as soon as possible, personal data about you, provided that one of the reasons for section 17 of the GDPR applies and that processing is not necessary. 
Right to limit treatment
 In accordance with the provisions of Article 18 of the GDPR, you have the right to request a limitation of treatment when one of the conditions under section 18 of the GDPR applies. Right to data portability
 In accordance with the provisions of Article 20 of the GDPR, you have the right to receive the personal data that concerns you and which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to pass that data on to another processing officer without us obstructing it, provided that the additional conditions of Article 20 of the GDPR apply. Right to withdraw consent
 You have the right to withdraw the consent you have given us regarding the processing of your personal data at any time and without retroactive effect. Please communicate the withdrawal of your consent using the contact information listed above. Right of opposition
 In accordance with the provisions of Article 21 of the GDPR, you have the right to object at any time to the processing of personal data about you. If the conditions for effective opposition are met, we are no longer allowed to process the data. Right to file a claim with a supervisory authority
 Irrespective of any other appeal within the framework of an administrative or judicial procedure, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or in which the alleged breach occurred, if you believe that the processing of personal data concerning you constitutes a breach of the provisions of the GDPR.

Transmission of your personal data

Your personal data are transmitted in the way described below. The website is hosted by a Swiss provider and your data is hosted in Switzerland. This is necessary for the operation of the website as well as for the justification, implementation and implementation of the existing terms of use and may also take place without your consent. The data are then also transmitted if we have the right or obligation to transmit data due to legal provisions and/or on the orders of authorities or jurisdictions. This may include a disclosure for prosecution, urgent intervention or the application of intellectual property rights. If your data is transmitted to the service provider as necessary, it can only access your personal data to the extent necessary to fulfill its obligations. Service providers have an obligation to handle your personal data in accordance with current data protection regulations, including in accordance with the GPDR. Apart from the above circumstances, we do not pass on your data to third parties without your consent. In particular, we do not disclose any personal data to an entity located in a third country or to an international organization.

How long personal data is stored

With regard to shelf life, we remove personal data as soon as it is no longer necessary to achieve the original purpose and regulatory shelf life has ceased to apply. The final shelf life of personal data is ultimately determined by the regulatory shelf life. After this period expires, the relevant data is regularly deleted. If retention times are to be respected, processing is restricted by data blocking.

Note on the entry of personal data by the person concerned

We would also like to let you know that the entry of personal data is legally required in certain circumstances (e.g. payment data for services to be billed) or may result from contractual arrangements. In order to take full advantage of the services offered on the website, you must enter into a corresponding contract (general terms of use) with us by identifying you. The execution of this contract requires you to provide us with certain personal data (e.g. username, email address), which we process as part of the performance of the contract. If you do not provide us with (provide) this personal data, we are unable to enter into this contract with you or, if only a portion of the data is provided, it is impossible to provide all of our services.

References and links

When you access web pages from our website, you may be asked to re-enter information such as your name, address, email address, browser references, etc. This data protection policy does not govern the collection, communication or management of personal data by third parties. Third-party suppliers may have different provisions of their own for the collection, processing and use of personal data. That’s why when you visit third-party web pages, we advise you to learn about their personal data management practices before entering this type of data.

Changes to data protection policy

We are constantly evolving our website so that we can provide you with better quality services. We regularly update this data protection policy and adapt it if and when necessary. Of course, we will notify you in due course of any changes to this data protection policy, including by sending an email to the address you have provided. If it is necessary to obtain additional consent for our management of your data, we will of course obtain your consent before such a change applies. At any time, you can access the latest version of our data protection provisions online at https://corellnatural.ch/politique-de-protection-des-donnees/

CORELL.ch online store

In order to place an order on our service, each customer must identify himself by providing the following personal information :

  • Sex
  • Name, first name
  • Billing address
  • 
Delivery address (if different)
  • E-mail address
  • 
Mobile phone number
  • 
Password (optional and only if you create an account)

Your customer account contains a summary of past and outstanding orders. This order history is only available if you decide to create a CORELL account, and is not accessible through our website if you place an order as a simple visitor. The above data and any other data you can provide as part of the order are processed (preserved, collected) for the purpose of completing the contract. The data needed to deliver the goods or process the order are transmitted to third-party service providers in the following categories, including : A)  Transportation Provider (Swiss Post or another), for delivery address and mobile phone number B)    Payment Solution (Mutual Credit) for anonymous order ID, total amount and date of purchase If your data is no longer required or legally required to retain your data, it will be deleted. The legal basis for the processing of the personal data mentioned here and for the purposes mentioned here is Article 6, paragraph 1, point b) of the GDPR.

Using cookies

On our website, information is collected and stored through navigation cookies. What is a cookie ? A cookie is a small text file stored on your device, which records certain settings and data for interacting with our system from your browser. A cookie usually contains the name of the domain from which its data comes from, information about the date of its creation, and an alphanumeric identification code. Why do we use cookies ? Cookies allow our systems to recognize the user’s device and immediately make preset settings available. When a user accesses the platform, a cookie is transmitted to their hard drive. Cookies help us improve our website and provide you with a better service, more suited to your needs. They allow us to recognize your computer and/or your (mobile) device if you visit our website again, and give us the opportunity to :

  • Keep information about your favorite activities on the site, and adapt our site to your personal interests,
  • Speed up the processing of your queries.

We work with third-party providers who help us make our online services and website more attractive to you. As a result, when you visit the site, cookies from these partner companies (third-party providers) are also kept on your hard drive. These cookies are automatically deleted after a set period. Can I decide whether or not to activate the use of cookies ? If you don’t want navigation cookies to be used, you can change the cookie usage settings on your device at any time by clicking on the cookie settings. You also have the option to change your browser settings to prevent it from accepting cookie retention. Please note that in this case, your use of our site may be limited or impossible. If you want to accept only our own cookies, but not those of our service providers and partners, you can select the “Block Third-Party Cookies” setting in your browser. We do not accept responsibility for the use of third-party cookies. Your consent applies to the following areas : CORELL.ch Setting cookies These cookies are used to optimize and simplify your user experience. For example, they allow you to remember your password or information about choices you’ve made previously, or to ensure that video or social media content is displayed correctly on the website. Some of them are essential for managing the system, preventing fraudulent activity, preventing you from being disconnected when switching from one page to another, or allowing the use of a promotional code. These cookies cannot be disabled, because without them, our website cannot function properly.