Privacy Policy
Subject of data protection
The subject of data protection is the protection of personal data. This concerns all information relating to an identified or identifiable natural person, the so-called data subject. For example, this includes personal information such as name, postal and e-mail addresses and telephone numbers.
Aim and scope
The protection of your privacy when processing personal data and the security of all business data is an important concern for BRUSA. We process personal data responsibly and in accordance with the legal provisions of the Swiss Federal Data Protection Act (DSG) and the EU General Data Protection Regulation (GDPR). We see the protection of your data protection rights as part of our social responsibility. This Privacy Policy applies to BRUSA Technology AG, the companies controlled by it, as well as their managing bodies and employees. The individual companies are re- sponsible for compliance with this policy and the respective national data protection laws. If national regulations provide for a higher level of protection for personal data, these shall prevail over this directive.
Person responsible and his or her EU representative
The responsible person in the sense of the EU General Data Protection Regulation (GDPR) is:
BRUSA Technology AG
Langäulistrasse 60, 9470 Buchs, Schweiz
Telefon: +41 81 758 19 00
E-Mail: info@brusatechnology.com
Website: www.brusatechnology.com
represented by Mr. Ming Jiang, VR
Data protection officer
E-Mail: privacy@brusatechnology.com
Lawfulness of processing
The following legal bases apply to the processing of personal data:
Insofar as consent of the data subject must be obtained for processing operations of personal data, Art. 6 (1) lit. a GDPR serves as the legal basis.
Insofar as the processing of personal data is necessary for the fulfillment, or for pre-contractual measures, Art. 6 para. 1 lit. b GDPR serves as the legal basis.
Insofar as processing of personal data is necessary for compliance with a legal obligation to which BRUSA is subject, Art. 6 (1) c GDPR serves as the legal basis.
To the extent that processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6 (1) (d) GDPR serves as the legal basis.
To the extent that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, Art. 6 (1) (e) GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of the controller or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not override, Art. 6 (1) f GDPR serves as the legal basis.
Data Processing
Personal data may be processed for the following purposes, among others:
- Establishing and maintaining relationships with business partners
- application management
- Fulfillment of contractual and pre-contractual obligations
- Direct marketing and public relations (e.g. newsletter / competitions)
- Internal administrative and service purposes
- Processing of non-contractual inquiries and concerns
- Prevention of and protection against legal violations, defense against legal claims and internal and external compliance measures
Website
When accessing our website, the access data is stored in a log file. The processing is necessary to display the website properly. This involves the following access data:
- IP addresses
- Date and time of access
- length of stay
- Name of the accessed file
- Page from which the access was made
- domain/country of the visitor
- web browser used
- operating system used
Partner Portal
When accessing our partner portal, the access data is stored in a log file. The processing is necessary to properly display the partner portal. This involves the following access data:
- Name
- E-Mail adress
- Company
- Country
- Department
- Job title
Recipients of personal data
Within the company, only those persons have access to your personal data who require it for the purposes stated in each case. External recipients will only receive your personal data if there is a legal basis for this or if you have given your consent.
Data transfer to third countries
In the case of data transfer to third parties whose registered office or place of data processing is not located in a member state of the European Union, another state party to the Agreement on the European Economic Area or a state for which an adequate level of data protection has been established by a decision of the European Commission, BRUSA will ensure prior to the transfer that the data transfer is either covered by a legal authorization, that guarantees exist for an adequate level of data protection with regard to the data transfer or that you have given your consent to the data transfer.
Cookies
We use cookies to provide our digital offers. These are small text files that are stored in your browser or on your device and transmitted to us each time you access our homepage or our other digital offerings. They contain, for example, an anonymous user ID so that we can recognize you on your next visit. This is the only way we can continuously improve our digital offerings and provide you with time-saving and convenient functions such as further calculations in the web calculator or the personalization of our content. We make sure that we only store as much information as necessary. If you do not agree, you can set your browser so that it does not accept cookies from BRUSA. You can still use our digital offers, but then some functions will not be available to you or only to a limited extent. You can disable cookies in whole or in part at any time in the settings of your browser. If cookies are deactivated, you may no longer be able to use all the functions of this homepage.
Web-Analytics
When you use www.brusahypower.com, www.brusatechnology.com and www.brusa.biz we anonymously and automatically collect metadata about your website visit. This includes, for example, your browser, your device type, how you came to our homepage (campaign and referral information), how long your visit lasted or your IP address. We also collect what content you access on our homepage and how you interact with the website and our applications on the website (digital offers). We do this to improve our website and our offerings and to better tailor your experience on our website. To store and analyze the data we collect, we use third-party tools, such as Google Analytics. You have the option to disable the aforementioned web analytics services by installing appropriate add-ons.
MailShare
Content from websites and social networks can also be shared via e-mail (so-called MailShare). If an e-mail is sent via this function, the data protection provisions of the respective mail provider (e.g. of Gmail, GMX, Hotmail, etc. or, depending on the case, those of your employer) apply. The e-mail data entered by the user for the MailShare function is not stored by BRUSA.
Integrated third-party services / social media plug-ins and social networks
With the help of so-called social plug-ins, content and services of other providers, e.g. Facebook, Twitter and YouTube, are integrated on our website, which in turn may use cookies. BRUSA has no influence on the data collected by the social networks via the respective plug-ins. From the respective data protection information, the purpose and scope of the collection, the further processing and use of the data by the social network, as well as the affected rights and setting options for protecting your privacy can be obtained from the provider.
Social plug-ins from Meta (Facebook / Instagram)
Facebook is operated by Meta Platforms Ireland Limited; 4 Grand Canal Square; Grand Canal Harbour; Dublin 2 Ireland. Meta's privacy policy can be found at the following link: https://www.facebook.com/policy
Social plug-ins from YouTube
YouTube is operated by Google Ireland Limited; Gordon House; Barrow Street; Dublin 4; Ireland. YouTube's privacy policy can be found at the following link: https://policies.google.com/privacy?hl=de&gl=de
Social plug-ins from Twitter
Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA. You can find Twitter's data protection information at the following link: https://twitter.com/de/privacy
Social plug-ins from LinkedIn
LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. You can find the data protection information of LinkedIn under the following link: https://www.linkedin.com/legal/privacy-policy
Business communication via Microsoft Teams and SharePoint
We use Microsoft Teams to conduct standard business communications, such as online meetings or video conferences. If online meetings are to be recorded, we will inform you of this before the start and ask for your verbal consent in advance. If it is necessary for the purpose of recording the content of an online meeting, we will store the chat content. Microsoft Teams is a service of Microsoft Ireland Operations, Ltd. When using Microsoft Teams, various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an "online meeting".
The following personal data are subject to processing:
- User details: display name, e-mail address, profile picture (optional), preferred language.
- Meeting metadata: e.g. date, time, meeting ID, phone number, location
- Text, audio and video data: You may have the option to use the chat function in an online meeting. In this case, the text entries you make are processed in order to display them in the online meeting.
To enable the display of video and the playback of audio, data from the microphone of your terminal device and from a video camera of the terminal device are processed during the meeting. You can turn off or mute the camera or microphone yourself at any time through the Microsoft Teams applications.
Microsoft Teams privacy notice can be found at the following link: https://learn.microsoft.com/de-de/microsoft- teams/teams-privacy
Data security
BRUSA takes necessary technical and organizational measures (TOMs) to ensure an adequate level of protection and to protect your data managed by us against the risks of accidental or unlawful destruction, loss, manipulation, alteration, unauthorized disclosure or access. We constantly adapt corresponding security measures to technological developments.
Processing of data requiring special protection
The processing of personal data requiring special protection may only take place if this is required or permitted by law. Processing of such data by BRUSA may be permissible if the data subject has expressly consented to the processing, the processing is absolutely necessary in order to assert, exercise or defend legal claims against the data subject.
Data minimization and storage duration
The collection and storage of personal data must be adequate and relevant for the purpose and limited to the extent appropriate for the purposes of the processing. Storage may only take place for as long as is necessary for the purpose or you have not effectively objected to the processing of your data or effectively revoked your consent. If any legal retention periods exist, these will be archived for the prescribed period. If there is no need to store your data after the legal retention period has expired, your data will be deleted.
Data subject rights
You can assert the following rights against BRUSA. To assert your rights, please contact the data protection officer. Please note that a clear, doubtless identification of your person must be necessary for this.
Duty to inform and right to information
Right to information (Art. 13 GDPR) by the data controller at the time of collection. Right to information (Art. 15 GDPR) about the processing of your personal data.
Right of rectification
Right to rectify (Art. 16 GDPR) concerning incorrect or incomplete personal data.
Right to erasure
Right, if the conditions set out in Art. 17 GDPR are met, to request the deletion of your data if it is no longer neces- sary for the purposes for which it was collected. Furthermore, there is a right to erasure if your data was processed on the basis of your consent and you now revoke this consent.
Right to restriction of processing
Right to request the restriction of the processing of your data if the conditions of Art. 18 GDPR are met, including if the accuracy of personal data is disputed. Meanwhile, restriction of processing may be requested for the duration of the verification of the accuracy of the data.
Right to data portability
Right of the data subject pursuant to Art. 20 GDPR to receive the personal data concerning him or her in a commonly used and machine-readable format.
Right to object
Right pursuant to Art. 21 GDPR to object at any time to the processing of personal data, on grounds relating to the particular situation, where the processing is based on an overriding legitimate interest.
Right of appeal
Right pursuant to Art. 77 GDPR to lodge a complaint with the Data Protection Officer if the view of a guideline vio- lation exists. Independently of this, there is also the right to complain directly to a competent supervisory author- ity about our processing of your data.
Other
This Privacy Policy is effective as of May 1, 2025. BRUSA reserves the right to adapt this policy from time to time to the current circumstances.