Legal Notice & Privacy Policy

Legal Notice

Contact address

GREEN BOOTS – Rainforests for our Future
Im Höfli 6
CH-8307 Effretikon
info@green-boots.ch
Domain owner: www.green-boots.ch

Authorized representatives

Simona Kobel, Philipp Schmid, Fabian Kessler, Claudia Brüllhardt

Liability and intellectual property rights

Disclaimer: The contents of this online offer have been prepared carefully and to the best of our current knowledge, but are for information purposes only and have no legally binding effect, unless they are legally binding information (e.g. the imprint, the privacy policy). We reserve the right to change or delete the content in whole or in part, provided that contractual obligations remain unaffected. All offers are subject to change and non-binding.

Links to external websites: The contents of external websites to which we refer directly or indirectly are outside our area of responsibility and we do not adopt them as our own. We accept no responsibility for any content or disadvantages arising from the use of the information available on the linked websites.

Copyrights and trademark rights: All content presented on this website, such as texts, photographs, graphics, brands and trademarks are protected by the respective property rights (copyrights, trademark rights). The use, reproduction, etc. are subject to our rights or the rights of the respective authors or rights holders.

Privacy Policy

Preamble

With the following privacy policy, we would like to explain to you what types of your personal data (hereinafter referred to as "data") we process, for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer").

By using this website, you consent to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. Data such as pages accessed or names of files accessed, date and time are stored on the server for statistical purposes without this data being directly related to your person. If personal data (e.g. name, address or e-mail addresses) is collected on our website, this is always done on a voluntary basis as far as possible. This data will not be passed on to third parties without your express consent.

Status: December 21, 2023

Relevant legal bases

We process your data on the basis of the Swiss Federal Act on Data Protection ("Swiss FADP" for short). We only process personal data if the processing is lawful, is carried out in good faith and is proportionate (Art. 6 para. 1 and 2 of the Swiss FADP). Furthermore, we only obtain personal data for a specific purpose that is recognizable to the data subject and only process it in such a way that it is compatible with these purposes (Art. 6 para. 3 of the Swiss FADP).

Transfer of personal data

We may transfer personal data to other persons within our organization or grant them access to this data. If this transfer is for administrative purposes, the transfer of the data is based on our legitimate business and commercial interests or takes place if it is necessary to fulfill our contractual obligations or if the consent of the data subjects or a legal permission exists.

Deletion of data

The data processed by us will be deleted in accordance with the legal requirements as soon as the consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose of processing this data no longer applies or it is not required for the purpose). If the data is not deleted because it is required for other and legally permissible purposes, its processing is restricted to these purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons or whose storage is necessary for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person. Our data protection notices may also contain further information on the retention and deletion of data, which take priority for the respective processing operations.

Rights of the data subjects

As a data subject, you have the following rights in accordance with the provisions of the Swiss Data Protection Act:

  • Right of access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and to receive the information necessary to enable you to exercise your rights under this law and to ensure transparent data processing.
  • Right to data disclosure or transfer: You have the right to request the handover of your personal data that you have disclosed to us in a commonly used electronic format.
  • Right to rectification: You have the right to request the rectification of inaccurate personal data concerning you.
  • Right to object, erasure and destruction: You have the right to object to the processing of your data and to request that the personal data concerning you be erased or destroyed.

Use of cookies

This website uses cookies. These are small text files that make it possible to store specific information relating to the user on the user's device while the user is using the website. Cookies make it possible in particular to determine the frequency of use and the number of users of the pages, to analyze patterns of page use, but also to make our offer more customer-friendly.

Notes on consent: We use cookies in accordance with the statutory provisions. We therefore obtain prior consent from users, unless this is not required by law. In particular, consent is not required if the storage and reading of information, including cookies, is absolutely necessary in order to provide the user with a telemedia service expressly requested by them (i.e. our online offer). Strictly necessary cookies generally include cookies with functions that serve the display and operability of the online service, load balancing, security, storage of user preferences and selection options or similar purposes related to the provision of the main and secondary functions of the online service requested by the user. The revocable consent is clearly communicated to the users and contains the information on the respective cookie use.

With regard to the storage period, a distinction is made between the following types of cookies:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online service and closed their end device (e.g. browser or mobile application).
  • Permanent cookies: Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. The user data collected with the help of cookies can also be used to measure reach. If we do not provide users with explicit information on the type and storage duration of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and can be stored for up to two years.

General information on revocation and objection (so-called "opt-out"): Users can revoke the consent they have given at any time and object to processing in accordance with the legal requirements. Among other things, users can restrict the use of cookies in their browser settings (although this may also restrict the functionality of our online offering). An objection to the use of cookies for online marketing purposes can also be declared via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. 

Performance of tasks in accordance with the Articles of Association

We process the data of our members, sponsors, interested parties, customers or other persons in accordance with the data protection provisions of the Swiss Confederation (Federal Act on Data Protection, FADP), insofar as we offer them contractual services or act within the framework of existing business relationships, e.g. with members, or are ourselves recipients of benefits and services. The data processed in this context, the type, scope and purpose as well as the necessity of their processing result from the underlying contractual relationship. This generally includes inventory and master data of persons (e.g. name, address, etc.) as well as contact data (e.g. e-mail address, telephone, etc.), contract data (e.g. services used, content and information provided, names of contact persons) and, if we offer fee-based services or products, payment data (e.g. bank details, payment history, etc.).

We delete data that is no longer required for the fulfillment of our statutory and business purposes. This is determined according to the respective tasks and contractual relationships. We retain the data for as long as it may be relevant for business transactions and with regard to any warranty or liability obligations based on our legitimate interests in their regulation. The necessity of retaining the data is regularly reviewed; otherwise, the statutory retention obligations apply.

  • Online store: We process the data of our customers in order to enable them to select, purchase or order the selected products, goods and associated services, as well as their payment and delivery or execution. If necessary for the execution of an order, we use service providers, in particular postal, forwarding and shipping companies, to carry out the delivery or execution for our customers. We use the services of banks and payment service providers to process payment transactions. The required information is marked as such in the context of the order or comparable purchase process and includes the information required for delivery or provision and billing as well as contact information in order to be able to hold any consultations.
  • Events and functions: We process the data of the participants of the events, functions and similar activities offered or organized by us (hereinafter uniformly referred to as "participants" and "events") in order to enable them to participate in the events and make use of the services or activities associated with participation. If we process health-related data, religious, political or other special categories of data in this context, this is done within the scope of disclosure (e.g. for themed events or for health care, security or with the consent of the data subjects). The required information is marked as such in the context of the conclusion of the order, purchase order or comparable contract and includes the information required for the provision of services and billing as well as contact information in order to be able to hold any consultations. Insofar as we receive access to information from end customers, employees or other persons, we process this in accordance with legal and contractual requirements.

Providers and services used in the course of business activities

As part of our business activities, we use additional services, platforms, interfaces or plug-ins from third-party providers ("services" for short) in compliance with legal requirements.

Payment procedures

As part of contractual and other legal relationships, due to legal obligations or otherwise on the basis of our legitimate interests, we offer the data subjects efficient and secure payment options and use other service providers in addition to banks and credit institutions (collectively referred to as "payment service providers").

The data processed by the payment service providers includes inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, total and recipient-related information. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored by them. This means that we do not receive any account or credit card-related information, but only information with confirmation or negative information about the payment. Under certain circumstances, the data may be transmitted by the payment service providers to credit agencies. The purpose of this transmission is to check identity and creditworthiness. Please refer to the payment service providers' terms and conditions and data protection information.

Payment transactions are subject to the terms and conditions and data protection notices of the respective payment service providers, which can be accessed on the respective websites or transaction applications. We also refer to these for further information and the assertion of rights of revocation, information and other rights of data subjects.

Provision of the online offer and web hosting

We process users' data in order to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or end device.

  • Provision of online offer on rented storage space: For the provision of our online offer, we use storage space, computing capacity and software that we rent or otherwise obtain from a corresponding server provider (also called "web host").
  • Collection of access data and log files: Access to our online offering is recorded in the form of so-called "server log files". The server log files may include the address and name of the websites and files accessed, date and time of access, data volumes transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider. The server log files can be used for security purposes, e.g. to avoid overloading the servers (especially in the event of abusive attacks, so-called DDoS attacks) and to ensure the utilization of the servers and their stability. Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.
  • E-mail dispatch and hosting: The web hosting services we use also include the dispatch, receipt and storage of e-mails. For these purposes, the addresses of the recipients and senders as well as other information relating to the sending of e-mails (e.g. the providers involved) and the content of the respective e-mails are processed. The aforementioned data may also be processed for the purpose of detecting SPAM. Please note that e-mails on the Internet are generally not sent in encrypted form. As a rule, emails are encrypted in transit, but not on the servers from which they are sent and received (unless an end-to-end encryption method is used). We can therefore accept no responsibility for the transmission path of e-mails between the sender and receipt on our server.

Newsletter

The newsletter is sent via the mailing service provider 'MailChimp', a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The privacy policy of the mailing service provider can be viewed on the provider's website. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with the European level of data protection (Privacy Shield). The use of the mailing service provider is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and an order processing agreement pursuant to Art. 28 para. 3 P. 1 GDPR.

The mailing service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for the technical optimization of the dispatch and presentation of the newsletter or for statistical purposes. However, the mailing service provider does not use the data of our newsletter recipients to write to them itself or pass it on to third parties.

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

After you have given your consent to the storage of the data, the e-mail address and its use for sending the newsletter, you can revoke this at any time, for example via the "unsubscribe link" in the newsletter.

  • Measurement of opening and click rates: The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a dispatch service provider, from their server. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of retrieval, is initially collected. This information is used for the technical improvement of our newsletter based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. This information is assigned to the individual newsletter recipients and stored in their profiles until they are deleted. The evaluations help us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Web analysis, monitoring and optimization

Web analysis (also referred to as "reach measurement") is used to evaluate the flow of visitors to our online offering and may include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, recognize at what time our online offer or its functions or content are most frequently used or invite reuse. We can also understand which areas require optimization.

In addition to web analysis, we may also use test procedures, e.g. to test and optimize different versions of our online offer or its components.
Unless otherwise stated below, profiles, i.e. data summarized for a usage process, can be created for these purposes and information can be stored in a browser or in a terminal device and read out from it. The information collected includes, in particular, websites visited and the elements used there as well as technical information such as the browser used, the computer system used and information on usage times. If users have consented to the collection of their location data from us or from the providers of the services we use, location data may also be processed.

The IP addresses of users are also stored. However, we use an IP masking procedure (i.e. pseudonymization by shortening the IP address) to protect users. In general, no clear user data (such as e-mail addresses or names) is stored in the context of web analysis, A/B testing and optimization, but pseudonyms. This means that neither we nor the providers of the software used know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective processes.

  • Google Analytics 4: We use Google Analytics to measure and analyze the use of our online offering on the basis of a pseudonymous user identification number. This identification number does not contain any unique data, such as names or e-mail addresses. It is used to assign analysis information to an end device in order to recognize which content users have called up within one or more usage processes, which search terms they have used, which they have called up again or which they have interacted with our online offering. The time of use and its duration are also stored, as well as the sources of the users that refer to our online offering and technical aspects of their end devices and browsers. Pseudonymous profiles of users are created with information from the use of various devices, whereby cookies may be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides rough geographic location data by deriving the following metadata from IP addresses: City (and the city's inferred latitude and longitude), continent, country, region, subcontinent (and ID-based counterparts). In the case of EU data traffic, the IP address data is used exclusively for this derivation of geolocation data before it is immediately deleted. It is not logged, is not accessible and is not used for any other purpose. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before the traffic is forwarded to Analytics servers for processing.
  • Google Ads: This website uses Google Conversion Tracking. If you have reached our website via an ad placed by Google, Google Ads will set a cookie on your computer. The conversion tracking cookie is set when a user clicks on an ad placed by Google. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked across the websites of Ads customers. The information obtained using the conversion cookie is used to generate conversion statistics for Ads customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies or by setting your browser to block cookies from the domain "googleleadservices.com". Please note that you may not delete the opt-out cookies as long as you do not want measurement data to be collected. If you have deleted all cookies in your browser, you must set the respective opt-out cookie again.

Presence in social networks (social media)

We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.

We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights.

Furthermore, user data within social networks is generally processed for market research and advertising purposes. For example, user profiles can be created based on user behavior and the resulting interests of users. The user profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are generally stored on the user's computer, in which the user's usage behavior and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

For a detailed description of the respective forms of processing and the opt-out options, please refer to the data protection declarations and information provided by the operators of the respective networks.

In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly.

Plugins and embedded functions and content 

We incorporate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may be, for example, graphics, videos or city maps (hereinafter uniformly referred to as "content").

The integration always requires that the third-party providers of this content process the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content or function. We endeavor to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.

  • Facebook: This website uses functions of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA . When you visit our pages with Facebook plugins, a connection is established between your browser and the Facebook servers. Data is already transmitted to Facebook. If you have a Facebook account, this data can be linked to it. If you do not want this data to be linked to your Facebook account, please log out of Facebook before visiting our site. Interactions, in particular the use of a comment function or clicking on a "Like" or "Share" button, are also forwarded to Facebook. You can find out more about this at https://de-de.facebook.com/about/privacy.
  • Instagram plugins and content: Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram. You can find more information in Instagram's privacy policy: http://instagram.com/about/legal/privacy/
  • YouTube videos: Functions of the "YouTube" service are integrated on this website. "YouTube" is owned and operated by Google Ireland Limited, a company incorporated and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which operates the services in the European Economic Area and Switzerland. Your legal agreement with "YouTube" consists of the terms and conditions which you can find at the following link: https://www.youtube.com/static?gl=de&template=terms&hl=de. These Terms constitute a legally binding agreement between you and "YouTube" regarding your use of the Services. Google's privacy policy explains how "YouTube" handles and protects your personal data when you use the service.

Changes and updates to the privacy policy

We may change this privacy policy at any time without prior notice. The current version published on our website shall apply. If the privacy policy is part of an agreement with you, we will inform you of the change by e-mail or other appropriate means in the event of an update.