As a service provider in the digital sector, the protection of your privacy and the security of all personal data is an important concern for us at the European Association for the Teaching of Academic Writing (EATAW). Therefore, we pay special attention to this in our processes. At the same time, we want you to know how and which data we collect, store and process. In doing so, we comply with the requirements of the applicable data protection laws.
With the following information, we provide you with an overview of the processing of personal data carried out by us. Which data we process in each individual case and in what way they are used, depends largely on the services actually provided. In the following declaration, we also describe your rights.
Should you have any questions or concerns, please do not hesitate to contact us. We are pleased to be there for you.
1. Responsible Body
EATAW is the responsible body in terms of data protection law for the collection, processing and use of your personal data. Please direct any questions regarding this statement or concerns regarding data protection to the following address:
Zurich University of Applied Sciences
Department of Linguistics
Institute for Language Competence
2. Scope of Application
- users of EATAW who are natural persons.
- All other natural persons who are in contact with EATAW, e.g. representatives and employees of legal entities, suppliers, visitors to our website, who contact us via the website or the contact form there, etc.
Until the data protection declaration and/or the legal situation changes, this information also applies to legal entities, insofar as the Swiss Federal Act on Data Protection Data Protection Act (FADP) is applicable.
EATAW processes personal data in accordance with the legal regulations, if and insofar as the respective regulations are applicable.
3. Used Sources and Data
EATAW collects your personal data when you contact us as a user. In addition, we also process your data when you contact name as a supplier, service provider or in other functions. In addition, we also process personal data in the course of our other association activities.
We furthermore process such data that is generated in the course of using our website or such data that is provided by you there (e.g. in the course of filling out the web form for EATAW membership).
Subject of data protection is personal data. This is all information relating to an identified or identifiable person (cf. Art. 4 No. 1 GDPR) or respectively a determined or determinable person (Art. 3 lit. a FADP).
Relevant personal data are e.g. personal details (including surname, first name, date of birth, address, email), telephone number, account number, etc. In addition, order data, data from the fulfilment of our contractual obligations, advertising and sales data, documentation data and other data comparable to the categories mentioned can also be personal data.
We only process personal data if there is a legal basis for this or if you have given us your consent, for example when filling in the form for becoming EATAW member.
4. Purpose of Processing
We process personal data for the following processing purposes:
a) To fulfil obligations/provide our services
EATAW stores and processes your personal data for the purpose of fulfilling contractual obligations and to provide our corresponding digital services. In doing so, we process the personal data that you have voluntarily provided us for performing our contractual obligations and for the provision of the associated digital services.
Furthermore, EATAW stores and processes personal data also for the provision, administration and implementation of customer and user communication by mail, telephone and via electronic means of communication. In addition, data processing is carried out for the implementation of pre-contractual measures (e.g. the preparation of a service offer), which are carried out upon request.
b) As part of the assessment of the different interests
As far as required, we process your data beyond the actual fulfilment of the contract in order to protect so-called legitimate interests of ourselves or third parties. Examples of this are:
- Assertion of legal claims and defense in legal disputes
- Ensuring IT security and IT operation
- Analysis of the Internet traffic on our website and the use of the bot on our website ensuring the highest possible functionality of our website
- Advertising or market and opinion research, unless you have objected to the use of your data
- Prevention and investigation of criminal offenses
c) Based on your consent
If you have authorised us to process personal data for specific purposes, the legitimacy of these processing operations is based on your consent. A granted consent can be revoked at any time. The revocation of consent does not affect the legitimacy of the data processed until revocation.
d) Due to legal requirements or public interest
Data may also be processed or forwarded if this is required by law or in the public interest.
e) Specific purpose and change of purpose of the data processing
The collected data will only be processed for the declared purpose respectively. Processing of your personal data for purposes other than those described will only take place if a legal directive permits this or if you have consented to the changed purpose of the data processing. In the event of data processing for purposes other than those for which the data was originally collected, we will inform you of this purpose before the new processing operation takes place and provide you with all other relevant information.
All collected, processed and stored personal data is treated confidentially by EATAW. The data transmitted by you will be stored as follows: physical data will be processed and stored in European Union, electronic data of customers and users will be stored by processor on servers in European Union.
The data is stored with the utmost care and protected from access by third parties. Only EATAW board members have access to your data who need it to perform their duties.
The data you enter by email or via the website form is transmitted without encryption. It cannot therefore be excluded that data may be lost or accessed by third parties in transit. The online transmission of personal data is therefore at your own risk.
6. Who will get my Data?
At EATAW, only those persons who need access to your data to fulfil our contractual and legal obligations are granted access. All data that is subject to confidentiality will be treated accordingly.
Personal data will be passed on exclusively and in compliance with the legal requirements, for instance if there is a sufficient legal basis for it, e.g. the purpose of fulfilling the contract, a legitimate interest or your consent. In addition, data may be transferred to other responsible parties provided that we are obliged to do so by law or by an enforceable official or court order.
Service providers employed by us may also receive data, subject to the legal requirements for data transfer, if they maintain the corresponding confidentiality. These are, among others, companies in the categories IT services, telecommunications and so on.
We have carefully selected these service providers and oblige them to handle and secure the data stored with them carefully. All service providers are also obliged by us to maintain confidentiality and to comply with legal requirements.
We may also pass on personal data to recipients based outside Switzerland, the EU or the EEA in so-called third states. In the event of such a transfer, we will ensure in advance that the recipient either has an adequate level of data protection or has your consent for the transfer.
7. How long will my Data be stored?
We process and store your personal data as long as it is necessary to fulfil our contractual and legal obligations.
If the data is no longer necessary for the fulfilment of contractual or legal obligations, it is regularly deleted, unless the data is subject to legal retention periods, for criminal prosecution or for securing, asserting or enforcing legal claims for a longer period.
Further processing – for a limited period of time – is necessary for the following purposes, among others:
- Fulfilment of commercial and tax law storage obligations, e.g. from the Swiss Code of Obligations (CO) and tax laws. The periods of retention or documentation specified there are usually ten years.
- Preservation of evidence within the framework of the legal regulations on limitation periods. According to Art. 127 ff. of the Swiss Code of Obligations (CO), these limitation periods can be up to 10 years.
8. Your Rights under the Data Protection Law
You are entitled to different rights depending on the applicable legal basis. If the Swiss Data Protection Act (FADP) and/or cantonal law is applicable, your rights are governed by these decrees.
Provided that the GDPR is applicable, the following applies: You can exercise the right of access to information, the right of rectification, the right of deletion, the right to restrict processing, the right of data transferability and the right of objection.
For the assertion of your corresponding right, you can make a claim to the contact address given above (under point 1).
a) Right of access
You have the right to receive information about the personal data processed by us and concerning you to the extent specified by law.
b) Right to rectify inaccurate data
You have the right to ask us to correct any personal data concerning you if it is incorrect.
c) Right of rectification and erasure
You have the right to ask us to correct incorrect data and – if the legal requirements are met – to complete or delete your data. This may be the case, for example, if the personal data is no longer necessary for the purposes for which it was collected or otherwise processed and in cases of illegal processing.
This does not apply to data that is required for billing and accounting purposes or is subject to the legal obligation to retain data. However, if access to such data is not required, their processing will be restricted.
d) Right to restriction of processing
You have the right – provided that the legal requirements are met – to demand that we restrict the processing of your data. This may be the case, for example, if the data is no longer necessary for the purposes we pursue, but we need it to assert, exercise or defend legal claims.
e) Right to data portability
Insofar as the scope of application of the EU Genereal Data Protection Regulation (GDPR) has been established, you have the right to receive from us the personal data concerning yourself which you have provided to us in a structured, common, machine-readable format in accordance with Art. 20 GDPR.
f) Right to lodge a complaint, supervisory authority
Additionally, there is a right of appeal to the competent data protection supervisory authority, depending on the applicable legal basis.
g) Withdrawal of consent
You can withdraw your consent to the processing of personal data at any time. Please note that the revocation is only effective for the future. Processing that took place before the withdrawal is not affected.
9. Cookies, Web-Storage
Cookies are text files that are stored on a computer system via an Internet browser. If a user accesses a website, a cookie can be stored on the user’s operating system. A cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. The person concerned can prevent cookies from being stored by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs.
Some of the cookies we use are deleted again after the browser session ends, i.e. after the browser has been closed (so-called session cookies). Other cookies, on the other hand, remain on the end device and enable us or our partner companies (third-party cookies) to recognize the browser upon the next visit (so-called persistent cookies). If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified period of time. The duration of deletion may vary depending on the cookie. The duration of the respective cookie storage can be viewed in the cookie settings of the respective web browser.
Provided that personal data is also processed by individual cookies used by name, the processing can take place due to different legal bases: to execute the contract, due to a given consent or to protect our legitimate interests (the legitimate interest is, among other things, to ensure the best possible operation of the website and the most customer-friendly and informative design of the website visit).
The respective browser can be set up in such a way that information is provided when cookies are set and it can therefore be decided individually whether the respective cookie is wanted or whether its use is not desired. The corresponding cookie setting differs depending on the browser used. An explanation of how to change the respective cookie setting is usually found in the help menu of the browser. For the following browsers, the help menu can be found under the following links:
- Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
- Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
- Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
- Safari: https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14
- Opera: https://help.opera.com/de/latest/web-preferences/#cookies
If a cookie for application is not accepted by the user, the presentation of the usability of our website may be restricted for the respective user.
Web storage (also known as DOM storage or supercookies) is a technique for web applications that stores data in a web browser. DOM storage supports permanent data storage, similar to cookies, as well as local, session-dependent storage.
Unlike cookies, which can be accessed by both server and clients (browser), DOM storage is completely controlled by the client (browser). Data is not transferred to the server with every HTTP request and a web server cannot write data directly to DOM storage. Access is exclusively via scripts on the website.
The storage of data in the web storage can also be prevented by not accepting cookies. However, we would like to point out that refusing web storage can lead to limitations in the functionality of the name website.
10. IT System Logs
Every time you use the Internet, for example when accessing web sites and sending emails, data is automatically transmitted, which in part could be classified as personal data and is stored by us in so-called system logs. The system logs are stored by name to detect malfunctions and for security reasons. If the data is no longer necessary for the fulfilment of operational or legal obligations, it will be deleted.
11. Changes to the Data Protection Declaration