This is the website of Heads Corporate Branding AG. Heads Corporate Branding AG maintains this site for your personal information and as a means of communication. By using this website, you accept our terms of service and contract, as well as the applicable laws and policies.
Heads Corporate Branding AG holds the copyright for the entire web presence. Content may not be altered, copied or used for commercial purposes, and is subject to copyright law and to other protective laws. We do not accept any liability for the information presented on this website.
Our site contains links to third-party websites. We are not responsible for the content of these sites. We do not accept any liability for the content of the linked sites. These are the responsibility of the individual operators alone.
Data Protection Policy
Heads Corporate Branding AG (hereinafter referred to as Heads Corporate Branding) takes the protection of your privacy very seriously. Please read the following data protection regulations carefully.
2. Scope of application
Heads Corporate Branding collects, processes, stores and protects the data of persons who access its website (data subjects). These data protection regulations apply to this website and all of its applications and functions, such as chat, newsletters, events, etc.
3. Legal grounds
These data protection principles are based on the Swiss Data Protection Act (DSG) and the European General Data Protection Regulation (GDPR).
4. Controller responsible for processing at Heads Corporate Branding
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is: Heads Corporate Branding AG, Mainaustrasse 35, 8008 Zürich, Schweiz. Ralph Hermann, email@example.com, www.heads.ch
5. Use of information
It is not possible to visit the Heads Corporate Branding website without providing personal data. No conclusions about you are drawn when we evaluate non-personal data such as an IP address, browser used, date, time, etc.
Visitors to our website can also activate the “do not track” option so that only the process of logging in itself will be tracked.
Personal data will be collected and processed strictly in accordance with the applicable laws and regulations and then only with your explicit consent.
6. Non-disclosure of personal data
Your personal data will not be sold or shared with third parties outside of Heads Corporate Branding. An exception may be made for external service providers which handle enquiries or orders on behalf of Heads Corporate Branding (e.g. for studies or white papers) and process the necessary data for this. Heads Corporate Branding ensures that all entities receiving data comply with data protection and data security requirements.
7. Contact options via the website
If you contact Heads Corporate Branding via our website, the personal data you submit will be saved automatically. This data which you submit on a voluntary basis will be used for processing purposes or for contacting you. No personal data will be transferred to third parties.
8. Function for commenting and debating
Our website has interactive forums such as chat, blog, message board and other platforms. You can leave individual comments on contributions from other visitors and debate certain topics. In turn, these comments can themselves be commented on by third parties.
If a data subject leaves a comment on an article or comment published on this website, the details about the time the comment was made and the name of the data subject (“real name obligation” under German law) will be saved and published in addition to this comment. The IP address assigned by the data subject’s internet service provider will also be logged. This IP address is saved for security reasons and in case a submitted comment infringes the rights of a third party or illegal content is posted. None of this collected personal data is passed on to third parties, unless the law requires it to be or if it is used to defend the rights of the controllers.
9. Routine erasure and blocking of personal data
Heads Corporate Branding processes and stores a data subject’s personal data only for the period necessary to achieve the purpose of storage, or if this is provided for by the law which the controllers are subject to.
If the storage purpose is not applicable, or if any storage period provided by law expires, the personal data is routinely blocked or erased in accordance with legal requirements.
10. Legal grounds for processing
No data will be processed unless there are legal grounds for doing so. The following are such grounds:
- performance of a contract
- legal obligations
- protection of a legitimate interest of Heads Corporate Branding or a third party
11. Rights of the data subject
a) Right of confirmation
Each data subject has the right to obtain from the controller a confirmation as to whether or not personal data concerning him or her is being processed. If a data subject wishes to avail himself or herself of this right of confirmation, he or she may contact the controller(s) at Heads Corporate Branding at any time.
b) Right of access to information
Each person whose data is processed has the right to obtain from the controller at any time free information about his or her personal data stored and a copy of this information. Information is provided about:
- the purposes of the processing
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data has been disclosed or will be disclosed
- whether personal data was transferred to a third country or an international organisation, and if this is the case, whether appropriate safeguards exist in connection with the transmission
- the envisaged storage period, or, if not possible, the criteria used to determine that period
- the existence of the right to request from the controller rectification or erasure of personal data concerning the data subject, or restriction of processing of personal data or to object to such processing
- the existence of the right to lodge a complaint with a supervisory authority
- where the personal data is not collected from the data subject, information as to its source
- the existence of automated decision-making, including profiling, and meaningful information about the logic involved, and the significance and envisaged consequences of such processing for the data subject. If a data subject wishes to exercise this right of access to information, he or she may contact the controller(s) at Heads Corporate Branding at any time.
c) Right to rectification
Each person whose data is processed has the right to obtain immediate rectification of inaccurate personal data concerning him or her and, taking into account the purposes of the processing, the right to have incomplete personal data completed.
If a data subject wishes to exercise this right to rectification, he or she may contact the controller(s) at Heads Corporate Branding at any time.
d) Right to erasure (right to be forgotten)
Each person whose data is processed has the right to obtain from the controller the immediate erasure of personal data concerning him or her, where one of the following grounds applies, as long as the processing is not necessary:
- the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed
- the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing.
- the data subject objects to the processing and there are no overriding legitimate grounds for the processing
- the personal data must be erased for compliance with a legal obligation
- the personal data belongs to a child who is not yet 16 years of age or for whom no consent from the holders of parental responsibility has been obtained
If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored with the controllers, he or she may contact the controller(s) at Heads Corporate Branding at any time.
Where the controller has made personal data public and is obliged to erase the personal data, the controllers, taking account of available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested erasure by such controllers of any links to, or copy or replication of, that personal data, as far as processing is not required.
e) Right to restriction of processing
Each person whose data is processed has the right to obtain from the controller restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of its use
- the controllers no longer need the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims
- the data subject has objected to processing pending verification of whether the legitimate grounds of the controller override those of the data subject.
If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by the controller, he or she may contact the controller(s) at Heads Corporate Branding at any time.
f) Right to data portability
Each person whose data is processed has the right to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format.
He or she also has the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, as long as the processing is based on consent or on a contract, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in exercising his or her right to data portability, the data subject has the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
In order to exercise the right to data portability, he or she may contact the controller(s) at Heads Corporate Branding at any time.
g) Right to object
Each person whose data is processed has the right to object at any time to the processing of personal data concerning him or her. This also applies to profiling based on these provisions.
The controllers can no longer process the personal data in the event of the objection, unless compelling legitimate grounds for the processing can be demonstrated which override the interests, rights and freedoms of the data subject, or the processing serves the establishment, exercise or defence of legal claims.
In order to exercise the right to object, the data subject may directly contact the controller(s) at Heads Corporate Branding at any time.
h) Automated individual decision-making, including profiling
Each person whose data is processed has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision is not necessary for entering into, or the performance of, a contract between the data subject and the data controller, or is based on the data subject’s explicit consent.
If the decision is necessary for entering into, or performing a contract between the data subject and a data controller, or it is based on the data subject’s explicit consent, the controllers will implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and contest the decision.
If the data subject wishes to exercise the rights concerning automated individual decision-making, he or she may contact the controller(s) at Heads Corporate Branding at any time.
i) Right to withdraw data protection consent
Each person whose data is processed has the right to withdraw his or her consent to processing of his or her personal data at any time. If the data subject wishes to exercise the right to withdraw consent, he or she may contact the controller(s) at Heads Corporate Branding at any time.
j) Right to lodge a complaint with a supervisory authority
Each person whose data is processed has the right to lodge a complaint with his or her local supervisory authority responsible for protecting citizens’ data for a data protection infringement by the controller.
12. Links to other websites
Heads Corporate Branding’s website is linked to other websites whose content it is not responsible for.
13. Collection, processing and use of personal data
13.1 Personal data
Personal data is information about the factual or personal circumstances of an identified or identifiable natural person. This includes, for example, your name and your email address.
13.2 Use of your data for marketing purposes
Besides using your data for sending out newsletters, we may also use your information to display personalised advertising to you.
13.3 Subscription to our newsletters
On the website of the Heads Corporate Branding AG, users are given the opportunity to subscribe to our enterprise’s newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from the controller.
The Heads Corporate Branding AG informs its customers and business partners regularly by means of a newsletter about enterprise offers. The enterprise’s newsletter may only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter shipping. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.
During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.
The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller, or to communicate this to the controller in a different way.
13.4 Newsletter Tracking
The newsletter of the Heads Corporate Branding AG contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, the Heads Corporate Branding AG may see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects.
Such personal data collected in the tracking pixels contained in the newsletters are stored and analyzed by the controller in order to optimize the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. Data subjects are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by the controller. The Heads Corporate Branding AG automatically regards a withdrawal from the receipt of the newsletter as a revocation.
The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
15. Log files
Each time you access Heads Corporate Branding’s web pages, usage data is transmitted by the respective internet browser and stored in server log files. The stored data records contain the following data: the date and time of access, the name of the page accessed, IP address, referrer URL (original URL from which you arrived at the web pages), the amount of data transferred, and the product and version information of the browser used. The IP addresses of users are deleted or anonymised when you end your session on the website. When anonymising, IP addresses are modified so that the individual details about persons or factual circumstances can no longer be attributed to an identified or identifiable natural person or only if a significantly large amount of time, cost and labour is expended. We evaluate these log file data records in an anonymous form in order to further improve our offering and make it more user-friendly, to find and correct errors more quickly and to manage server capacity. For example, we can determine what times the Heads Corporate Branding website is especially popular and make the relevant data volume available to ensure you can make a purchase as quickly as possible. We can also identify and correct any errors on the Heads Corporate Branding website more quickly by analysing the log files.
16. Web analysis
16.1 Google Analytics
16.2 Facebook pixels
We use Facebook pixels to show you advertising based on your activities on our web pages and tailored to your interests via re-targeting on Facebook, Instagram, Facebook Messenger and Facebook Audience Network.
16.3 LinkedIn pixels
We use LinkedIn pixels to show you advertising based on your activities on our web pages and tailored to your interests via re-targeting on LinkedIn.
17. Social plugins
Our website uses social plugins from different social networks. With the help of these plugins, you can, for example, share content or recommend products to other persons. The plugins are enabled by default on Heads Corporate Branding.ch. The content of the plugin is transmitted from the social network directly to your browser, and incorporated by the latter into the web pages. By incorporating the plugin, the social network receives the information that you have accessed the corresponding page of our website. If you are logged into a social network, the latter can assign your visit to your account. If you interact with the plugins, for example, by clicking the Facebook “like” button or leaving a comment, the corresponding information is transmitted from your browser directly to the social network and stored there. For information on the purpose and scope of data collection and further processing and use of data by social networks, as well as your rights in this respect and settings options for protecting your privacy, please refer to the data protection guidelines of the respective networks or websites. Even if you are not logged into social networks, data can be sent from websites with active social plugins to the networks. Because of an active plugin, every time the website is accessed a cookie with an identifier is stored. Since your browser will send this cookie every time you connect to a network server without being requested, the network can theoretically create a profile of which web pages the user associated with the identifier has accessed. And it would also be possible later on to link this identifier to a person again, for example when logging in to the social network. We use the following plugins on our website: Facebook, Twitter and LinkedIn. If you do not want social networks to collect data about you via active plugins, you can select the “block third party cookies” function in your browser settings. Then, where there is embedded content from other providers, the browser will not send any cookies to the server. However, when using this setting, other cross-page functions may no longer work.
We use plug-ins from the social network facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Link to Facebook’s data protection policy: Facebook’s data protection policy.
We use plug-ins from the social network Twitter, operated by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. Link to Twitter’s data protection policy: Twitter’s data protection policy.
We use plug-ins from the social network LinkedIn operated by LinkedIn Ireland U.C. Link to LinkedIn’s data protection policy: LinkedIn’s data protection policy.
We use plug-ins from the social network Pinterest operated by Pinterest Inc., 651 Brannan Street, San Francisco, CA 94103, USA. Link to Pinterest’s data protection policy: Pinterest’s data protection policy.
We use plug-ins from the social network Google+ operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Link to Google+’s data protection policy: Google+’s data protection policy.
Version 31/5/2018 We expressly reserve the right to make changes or adjustments at any time.