Privacy policy

RAFKA as data controller, pursuant to Article 13 of EU Reg. 2016/679 (“GDPR”), is committed to protect and respect your privacy.

This Privacy Policy describes the personal data (“Personal Data”) the Data Controller collects from the Website user and how he/she processes such Personal Data.
a) The Data Controller may collect information on visits to the Website including, but not limited to, traffic data, location data, weblogs, contact forms and other communication data and the resources that the user may access. This information will make the users’ visit to the Website easier in the future since the Data Controller might suggest content or services depending on the location of the user while accessing the Website.
b) The Data Controller may also store cookies, as set out more in detail in the Cookie Policy.

The Personal Data are collected and managed by the Data Controller in order:
a) to customize content or services according to the user’s preferences;
b) to create, publish and improve the most relevant content for users;
c) to ensure that the content provided through the Website are delivered in the most effective manner according to the user’s devices;
d) to allow the user to interact with the Website, if the user wishes to;
e) to further develop and improve the Website and systems for a better customer satisfaction.

The use of the information above mentioned is allowed by legal provisions on the protection of personal data, since it is necessary:
a) for the legitimate interests of the Data Controller to pursue the above mentioned scope of the data processing; such interests, in any case, do not result in a conflict with the privacy rights of the users;
b) in some cases, to comply with legal and regulatory liabilities of the Data Controller, for example in relation to communication obligation to the authorities, government and regulatory bodies; or in some cases, to fulfill actions of public interest and, when the Data Controller uses particular categories of Personal Data, or to engage, carry out and defend himself in legal actions, or when the data processing regards personal information manifestly of public domain.
The Data Controller does not take decisions only based on automated decision-making, including profiling, which may produce legal effects on the user or similar consequences.
The Data Controller stores the Personal Data for a period of time necessary for the fulfillment of his legal obligations. The storage period of the Personal Data depends on the scope according to which the Personal Data are processed and on the instruments by means of which the Personal Data are processed.
However, it is not possible to indicate in this Privacy Policy the estimate of the storage period of the Personal Data. The criteria used to determine the applicable period are strictly connected to the time (I) necessary for the accomplishment of the related scope, (II) necessary for the completion of the business relationship with the user, (III) accepted by the user and/or (IV) required by the applicable legal provisions.

To ease an efficient use of the user’s Personal Data, and to provide the user with the content and/or resources, the information is disclosed to third parties. However, the disclosure will only occur in the following circumstances:
a) to suppliers, contractors and agents: the Data Controller may engage or employ other companies and individuals to perform functions on his behalf. Examples may include hosting and/or maintenance of the Website content or supply of specific functions contained on the Website, supply of marketing services or economic updating required by the user. Such recipients will only have access to data required by them to perform their functions and they are not permitted to use such Personal Data for any other purposes. These recipients will be subject to contractual confidentiality obligations;
b) to judicial or governmental authorities, if the Data Controller believes that they are legally entitled to request them.

The Data Controller collects information about the user’s computer or other electronic devices. This information include (when available) IP address, operating system and browser type, for the system administrator. These are statistical data about user’s browsing actions and patterns and they do not identify the users.
For this reason, the Data Controller may obtain information about the user’s general Internet usage by using a cookie file which is stored on the user’s device. Cookies help the Data Controller to improve the Website and to deliver a better and more customized service. For more detail about the use of cookies, please visit the Cookie Policy.

Personal Data may be transferred and processed in one or more States within or outside the European Economic Area (EEA). A transfer of Personal Data to a third country outside the EEA may take place where the European Commission has decided that the third country ensures an adequate level of protection or where the Data Controller has provided adequate safeguards to preserve the confidentiality of this information.

Although the Data Controller endeavours to take all steps reasonably necessary to safeguard the Personal Data, please note that the transmission of information via internet is not totally safe and it is not possible to ensure a complete security of the Personal Data transmitted to the Website or to third parties; for this reason, any transmission of Personal Data occurs at the user’s own risk.
However, the Data Controller applies strict operating procedures and adequate technical and organisational security measures in order to prevent any access, modification, erasure or unauthorised transmission of Personal Data.

Articles from 15 to 22 of the GDPR grant the user, as data subject, certain specific rights, as indicated hereunder:
a) right to access and obtain a copy of the user’s Personal Data:
the user has the right to claim confirmation of the fact that the Data Controller is processing his/her Personal Data. In this case, the user can have access to his/her Personal Data and to some information regarding the processing. In some cases, the user can require to the Data Controller an electronic copy of his/her Personal Data;
b) right to rectification:
in case the user is able to demonstrate that his/her Personal Data are not correct, the user has the right to ask the updating or the rectification of the data;
c) right to be forgotten/ to erasure of the data:
in specific circumstances, the user has the right to obtain the erasure of his/her Personal Data. The request can be filed at any time and the Data Controller will assess the possibility to accept the request. However, this right is subject to legal duties and obligations that may impose the conservation to the Data Controller. In the event that, pursuant to the legal provisions, the request of erasure of the Personal Data may be accepted, the Data Controller will proceed to erase the date without undue delay;
d) right to object:
although the user’s data processing by the Data Controller is based on the legitimate interest of the Data Controller (without any other reason for the processing), the user has the right to object to the processing modality of his/her Personal Data implemented by the Data Controller in relation to the user’s specific situation;
e) right to withdraw the consent:
since the data processing is based on the user’s consent, the user is entitled to withdraw the consent at any time. The consent withdrawal does not affect the lawfulness of processing based on a consent formerly granted.

In order to exercise his/her rights, the user can submit an e-mail to the following e-mail address: info@rafka.ch.
It is also possible to lodge a complaint regarding the data processing to the competent supervisory authority.

The conditions of this Privacy Policy may change from time to time. The Data Controller will post any changes on this Website or will contact the users in alternative ways.

The Data Controller informs that questions, comments and requests regarding this Policy must be submitted to the following e-mail address: info@rafka.ch.

Last update: 29.08.2023