Your data is processed in accordance with Swiss data protection law, except in cases where it is subject to the privacy policies of other companies, such as Facebook Inc., Google Inc., etc., over which CSS has no influence.
Data recorded automatically
When you visit our websites, CSS records, stores and uses general, non-personal data. The following data in particular is saved in log files when you access our websites:
- General information on the operating system and browser
- Date and time/length of visit
- Browser query
- Any add-ons you use
- The website that referred you to us
- General information on your browsing behaviour, such as whether or not you click on advertising banners or download files
This data is used to improve the websites and allows us to provide the services they offer. It also forms the basis for statistical evaluations, and may be analysed for marketing purposes. However, the following conditions apply where data is collected and analysed using cookies.
Data provided by you
Confidential personal data that you send to CSS via the forms on the website is transmitted in encrypted form using the latest technology and cannot be viewed by third parties. The data you enter online is used for processing offers and, if applicable, for marketing purposes within CSS.
If you are already a client of CSS, or would like to become one, we can link the personal data you provide to us via the website with the data we already hold. In that event, the legal basis for the processing of personal data is the fulfilment of contractual obligations. Other legal bases for the processing of your personal data are your consent, which you can revoke at any time, and the legitimate interests of CSS.
In particular, by entering your data in the premium calculator you grant permission for companies in the CSS Group to contact you by phone or other means of communication with regard to provision of your quote for insurance.
However, we will pass on your data to a service partner commissioned by us if third-party services are required to process an enquiry you submit online or by phone or to prepare your contract. In such cases, you authorise us to do so by providing us with your data. This partner is commissioned by CSS and subject to the same data protection provisions as CSS itself.
We use active content, including HTML/CSS, Java Script and Java. This is content on websites that is not run until a user is actually visiting the site. It expands the content of the static websites. If you do not wish to see this active content, you can deactivate it via your browser. However, this may make it difficult or even impossible to use our sites.
These are small units of information that the web browser stores locally on the user's computer. We need this content to allow you to use the website and to optimise the service we offer (e.g. personalisation).
Most of the cookies we use are what are known as 'session' cookies. They are deleted automatically at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser the next time you visit us.
Although only anonymous data is collected and processed, you can still use our websites without cookies by deactivating them in your browser. You can also set an opt-out cookie for each external provider. However, if you do, you will no longer be able to use certain functions, and you may experience restrictions in the use of our websites.
Details on how third-party providers handle your personal data are given in their individual privacy policies, such as those issued by Facebook, Instagram, Twitter, Pinterest, Google and Adobe Systems. The CSS data protection provisions do not apply to data processing by these external providers. Please note that, as a website provider, we do not receive any information from these external providers about the content of the data that is transmitted, or its use. By using products such as Facebook, Twitter, etc., you have declared that you agree to their particular data protection provisions.
The following services and tools are used on css.ch (including subdomains and subsites):
Adobe Experience Cloud
CSS uses the services of Adobe Analytics (Adobe Systems Software Ireland Limited, 6 Riverwalk, Naas Road, Dublin 24, Ireland) to collect data on the use of our websites automatically. CSS finds out how its web services are being used accordingly and learns about users' browsing behaviour in order to understand the relevance of content and optimise the user experience.
CSS uses Adobe Target to personalise relevant data-driven content on the websites to provide a user-centric experience.
CSS uses Adobe Campaign for personalised email marketing (e.g. newsletters*). Data is stored locally (in Switzerland) on CSS servers.
The Adobe IMS/IO Service enables content from Adobe AEM (CMS) to be provided for personalisation in Target.
Adobe People Core Service
The Adobe People Core service enables CSS to segment user data from Adobe Analytics and Adobe Target.
The information on the use of our websites stored locally in the cookie (user- or client-side) is transferred to the Adobe servers and stored there. Please also refer to the section on 'Cookies and remarketing'.
Google Marketing Cloud
CSS uses the services of Google Analytics (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to collect data about the use of our websites automatically. CSS finds out how its web services are being used accordingly and learns about users' browser behaviour in order to understand the relevance of content and optimise the user experience.
Google Remarketing and Adwords
Remarketing analyses your browsing behaviour and, based on this, shows you personalised CSS advertising while you browse the internet and use a mobile app or the Google search engine. This enables more specific interest-related, personalised advertising related to your previous usage and browsing behaviour on a given device (such as your smartphone) to be shown on another of your devices (such as a tablet or PC). Google Adwords analyses clicks on Google, and CSS pays on a per-click basis when users access a CSS advert or website. If you have given the appropriate permission, Google will link your web and app browser clicks to your Google account for this purpose. Accordingly, the same personalised advertising can be shown on any device on which you log in with your Google account. You can object permanently to cross-device remarketing or targeting by deactivating personalised advertising in your Google account. To do so, click on the following link. Where CSS is subject to the EU’s General Data Protection Regulation, the collected data is collated in your Google account only if you have given your permission. You can give or revoke your permission with Google (Art. 6 para. 1 a General Data Protection Regulation). Where data is collected that is not collated with that of your Google account (because you do not have a Google account or have refused permission, for instance), the collection of your data is based on Art. 6 para. 1 f of the General Data Protection Regulation. The website provider’s legitimate interest is based on its interest in the anonymised analysis of website visitors for promotional purposes.
Google Marketing Platform (formerly DoubleClick)
This website uses the Google Marketing Platform (formerly DoubleClick), a web analytics service offered by Google. This optimises interaction with Google Adwords. It sets cookies when you view an advert or click on one of our banners on a partner website. This takes place so we can show you banners that are of interest to you. The cookie allows us to record certain data on interaction from your browser with certain on-screen content. We also record whether you have viewed an advert, clicked on it, or entered into a contract with CSS on this basis.
The information on the use of our websites recorded locally in the cookie (user- or client-side) is transferred to the Google servers and stored there.
Dialogflow is a Google-owned platform (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) for dialogue-oriented communication and natural language processing. CSS uses Dialogflow for its 'Sia' digital assistance service. All user entries are analysed by means of natural language processing to understand the user's intent and provide them with relevant answers and CSS content.
This website uses the conversion tracking technology of Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft Advertising places a cookie on your device if you reach our website by clicking on a Microsoft ad. This enables the analysis of campaign actions, whether someone has clicked on an ad and reached a specific target page (conversion) on our website. Only the total number of clicks and conversions is analysed, and pseudonymised user profiles are created. Microsoft uses the information collected to display personalised ads that could be particularly relevant to users. No personal information on the identity of the user is collected.
Facebook and Instagram Remarketing
reCAPTCHA is a Google-owned service (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) that protects websites from spam and misuse. It uses progressive risk analysis techniques to distinguish between humans and bots. The data captured by Google reCAPTCHA are subject to the data protection regulation and terms and conditions of use of Google, and are used to provide, maintain and improve the reCAPTCHA service as well as for general security purposes (they are not used for Google’s personalised advertising).
The following tools are used on my.css.ch (client portal):
- Adobe Analytics
- Google Remarketing and Adwords
- Google Marketing Platform (formerly DoubleClick)
- Facebook and Instagram Remarketing
- Pinterest Remarketing
- Google reCAPTCHA
Encrypted payments via this website
If, having entered into a contract with us, you are obliged to provide us with your payment information (e.g. your account number for direct debits), then this information will be required to process payments.
Payment transactions via the usual channels (Visa/Mastercard or direct debit) are routed exclusively through an encrypted SSL or TLS connection. You can recognise whether or not a connection is encrypted because the address line of your browser will change from 'http://' to 'https://' and a padlock symbol will appear.
If communication is encrypted, no third party can read the payment information you send us.
Normal emails you send to CSS are not encrypted and may be viewed by third parties. CSS is unable to offer any guarantee of data security with regard to unencrypted email exchanges, and CSS therefore offers no warranty and accepts no liability in this regard.
Newsletters are sent to our clients and prospective clients only if they specifically ask to receive them. By subscribing to the newsletter, the user agrees only that their email address may be used to send out the e-letter.
Our marketing emails (newsletters, invitations, email surveys, etc.) are managed and dispatched using the Adobe Campaign email marketing solution, which is hosted on the CSS servers. Personal data collected along with the newsletter subscription is stored on the CSS computers. With each newsletter, we offer the option of correcting, updating or removing the information that recipients have provided.
You can unsubscribe from the newsletter or from our advertising emails at any time. The link is provided at the bottom of every email. The data that we hold in order to send you the newsletter will be stored by us until you unsubscribe from the newsletter, after which it will be deleted. Data that we store for other purposes is not affected by this.
Your email address is used only to send out our own information. We do not pass your address on to third parties.
The way in which users click on hyperlinks in emails and on websites is recorded in anonymous form.
This means that no personal user profiles can be created.