Privacy Policy

Subject of data protection 

The subject of data protection is the protection of personal data. This concerns all information relating to an identified or identifiable natural person, the so-called data subject. For example, this includes personal information such  as name, postal and e-mail addresses and telephone numbers. 

Aim and scope 

The protection of your privacy when processing personal data and the security of all business data is an important concern for BRUSA. We process personal data responsibly and in accordance with the legal provisions of the Swiss Federal Data Protection Act (DSG) and the EU General Data Protection Regulation (GDPR). We see the protection of your data protection rights as part of our social responsibility. This Privacy Policy applies to BRUSA Technology AG, the companies controlled by it, as well as their managing bodies and employees. The individual companies are re- sponsible for compliance with this policy and the respective national data protection laws. If national regulations provide for a higher level of protection for personal data, these shall prevail over this directive.         

Person responsible and his or her EU representative 

The responsible person in the sense of the EU General Data Protection Regulation (GDPR) is:

BRUSA Technology AG
Langäulistrasse 60, 9470 Buchs, Schweiz
Telefon: +41 81 758 19 00
E-Mail: info@brusatechnology.com
Website: www.brusatechnology.com
represented by Mr. Ming Jiang, VR

Data protection officer

E-Mail: privacy@brusatechnology.com

Lawfulness of processing 

The following legal bases apply to the processing of personal data:

Insofar as consent of the data subject must be obtained for processing operations of personal data, Art. 6 (1) lit. a GDPR serves as the legal basis. 

Insofar as the processing of personal data is necessary for the fulfillment, or for pre-contractual measures, Art. 6 para. 1 lit. b GDPR serves as the legal basis.  

Insofar as processing of personal data is necessary for compliance with a legal obligation to which BRUSA is subject, Art. 6 (1) c GDPR serves as the legal basis.  

To the extent that processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6 (1) (d) GDPR serves as the legal basis. 

To the extent that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, Art. 6 (1) (e) GDPR serves as the legal basis. 

If the processing is necessary to protect a legitimate interest of the controller or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not override, Art. 6 (1) f GDPR serves as the legal basis. 

Data Processing 

Personal data may be processed for the following purposes, among others: 

  • Establishing and maintaining relationships with business partners
  • application management
  • Fulfillment of contractual and pre-contractual obligations
  • Direct marketing and public relations (e.g. newsletter / competitions)
  • Internal administrative and service purposes   
  • Processing of non-contractual inquiries and concerns
  • Prevention of and protection against legal violations, defense against legal claims and internal and external compliance measures 

Website 

When accessing our website, the access data is stored in a log file. The processing is necessary to display the website properly. This involves the following access data: 

  • IP addresses
  • Date and time of access
  • length of stay
  • Name of the accessed file
  • Page from which the access was made
  • domain/country of the visitor
  • web browser used
  • operating system used

Partner Portal 

When accessing our partner portal, the access data is stored in a log file. The processing is necessary to properly display the partner portal. This involves the following access data: 

  • Name
  • E-Mail adress
  • Company
  • Country
  • Department
  • Job title

Recipients of personal data 

Within the company, only those persons have access to your personal data who require it for the purposes stated in each case. External recipients will only receive your personal data if there is a legal basis for this or if you have  given your consent. 

Data transfer to third countries 

In the case of data transfer to third parties whose registered office or place of data processing is not located in a  member state of the European Union, another state party to the Agreement on the European Economic Area or a state for which an adequate level of data protection has been established by a decision of the European Commission, BRUSA will ensure prior to the transfer that the data transfer is either covered by a legal authorization, that  guarantees exist for an adequate level of data protection with regard to the data transfer or that you have given your consent to the data transfer. 

Cookies 

We use cookies to provide our digital offers. These are small text files that are stored in your browser or on your device and transmitted to us each time you access our homepage or our other digital offerings. They contain, for  example, an anonymous user ID so that we can recognize you on your next visit. This is the only way we can continuously improve our digital offerings and provide you with time-saving and convenient functions such as further calculations in the web calculator or the personalization of our content. We make sure that we only store as much information as necessary. If you do not agree, you can set your browser so that it does not accept cookies from BRUSA. You can still use our digital offers, but then some functions will not be available to you or only to a limited  extent. You can disable cookies in whole or in part at any time in the settings of your browser. If cookies are deactivated, you may no longer be able to use all the functions of this homepage. 

Web-Analytics 

When you use www.brusahypower.com, www.brusatechnology.com and www.brusa.biz we anonymously and automatically collect metadata about your website visit. This includes, for example, your browser, your device type, how you came to our homepage (campaign and referral information), how long your visit lasted or your IP address. We also collect what content you access on our homepage and how you interact with the website and our applications on the website (digital offers). We do this to improve our website and our offerings and to better tailor your experience on our website. To store and analyze the data we collect, we use third-party tools, such as Google Analytics. You have the option to disable the aforementioned web analytics services by installing appropriate add-ons. 

MailShare 

Content from websites and social networks can also be shared via e-mail (so-called MailShare). If an e-mail is sent via this function, the data protection provisions of the respective mail provider (e.g. of Gmail, GMX, Hotmail, etc. or, depending on the case, those of your employer) apply. The e-mail data entered by the user for the MailShare  function is not stored by BRUSA. 

Integrated third-party services / social media plug-ins and social networks 

With the help of so-called social plug-ins, content and services of other providers, e.g. Facebook, Twitter and YouTube, are integrated on our website, which in turn may use cookies. BRUSA has no influence on the data collected by the social networks via the respective plug-ins. From the respective data protection information, the purpose and scope of the collection, the further processing and use of the data by the social network, as well as the affected rights and setting options for protecting your privacy can be obtained from the provider. 

Social plug-ins from Meta (Facebook / Instagram) 

Facebook is operated by Meta Platforms Ireland Limited; 4 Grand Canal Square; Grand Canal Harbour; Dublin 2 Ireland. Meta's privacy policy can be found at the following link: https://www.facebook.com/policy 

Social plug-ins from YouTube 

YouTube is operated by Google Ireland Limited; Gordon House; Barrow Street; Dublin 4; Ireland. YouTube's privacy policy can be found at the following link: https://policies.google.com/privacy?hl=de&gl=de 

Social plug-ins from Twitter 

Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA. You can find Twitter's data protection information at the following link: https://twitter.com/de/privacy 

Social plug-ins from LinkedIn 

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. You can find the data protection information of LinkedIn under the following link: https://www.linkedin.com/legal/privacy-policy 

Business communication via Microsoft Teams and SharePoint 

We use Microsoft Teams to conduct standard business communications, such as online meetings or video conferences. If online meetings are to be recorded, we will inform you of this before the start and ask for your verbal  consent in advance. If it is necessary for the purpose of recording the content of an online meeting, we will store  the chat content. Microsoft Teams is a service of Microsoft Ireland Operations, Ltd. When using Microsoft Teams, various types of data are processed. The scope of the data also depends on the data you provide before or during  participation in an "online meeting". 

The following personal data are subject to processing:

  • User details: display name, e-mail address, profile picture (optional), preferred language.
  • Meeting metadata: e.g. date, time, meeting ID, phone number, location
  • Text, audio and video data: You may have the option to use the chat function in an online meeting. In this case, the text entries you make are processed in order to display them in the online meeting. 

To enable the display of video and the playback of audio, data from the microphone of your terminal device and  from a video camera of the terminal device are processed during the meeting. You can turn off or mute the camera or microphone yourself at any time through the Microsoft Teams applications. 

Microsoft Teams privacy notice can be found at the following link: https://learn.microsoft.com/de-de/microsoft- teams/teams-privacy 

Data security 

BRUSA takes necessary technical and organizational measures (TOMs) to ensure an adequate level of protection and to protect your data managed by us against the risks of accidental or unlawful destruction, loss, manipulation, alteration, unauthorized disclosure or access. We constantly adapt corresponding security measures to technological developments. 

Processing of data requiring special protection 

The processing of personal data requiring special protection may only take place if this is required or permitted by law. Processing of such data by BRUSA may be permissible if the data subject has expressly consented to the processing, the processing is absolutely necessary in order to assert, exercise or defend legal claims against the data subject.  

Data minimization and storage duration 

The collection and storage of personal data must be adequate and relevant for the purpose and limited to the extent appropriate for the purposes of the processing. Storage may only take place for as long as is necessary for the purpose or you have not effectively objected to the processing of your data or effectively revoked your consent. If  any legal retention periods exist, these will be archived for the prescribed period. If there is no need to store your data after the legal retention period has expired, your data will be deleted. 

Data subject rights 

You can assert the following rights against BRUSA. To assert your rights, please contact the data protection officer. Please note that a clear, doubtless identification of your person must be necessary for this. 

Duty to inform and right to information 

Right to information (Art. 13 GDPR) by the data controller at the time of collection. Right to information (Art. 15 GDPR) about the processing of your personal data. 

Right of rectification 

Right to rectify (Art. 16 GDPR) concerning incorrect or incomplete personal data.

Right to erasure 

Right, if the conditions set out in Art. 17 GDPR are met, to request the deletion of your data if it is no longer neces- sary for the purposes for which it was collected. Furthermore, there is a right to erasure if your data was processed on the basis of your consent and you now revoke this consent. 

Right to restriction of processing 

Right to request the restriction of the processing of your data if the conditions of Art. 18 GDPR are met, including if the accuracy of personal data is disputed. Meanwhile, restriction of processing may be requested for the duration  of the verification of the accuracy of the data. 

Right to data portability 

Right of the data subject pursuant to Art. 20 GDPR to receive the personal data concerning him or her in a commonly used and machine-readable format. 

Right to object 

Right pursuant to Art. 21 GDPR to object at any time to the processing of personal data, on grounds relating to the particular situation, where the processing is based on an overriding legitimate interest. 

Right of appeal 

Right pursuant to Art. 77 GDPR to lodge a complaint with the Data Protection Officer if the view of a guideline vio- lation exists. Independently of this, there is also the right to complain directly to a competent supervisory author- ity about our processing of your data. 

Other 

This Privacy Policy is effective as of May 1, 2025. BRUSA reserves the right to adapt this policy from time to time to the current circumstances.  

TOP