Purchase on account
Ordered until 3 p.m. - delivered tomorrow
SiroccoClub - loyalty discount
Login

Language

Cart

Your cart is empty

Data protection regulations

Data protection declaration

The following data protection declaration applies to the use of our online service www.sirocco.ch or the mobile App (hereinafter referred to as "website" or "online shop" or "App").

A. Kuster Sirocco AG (hereinafter referred to as "Sirocco" or "we") places great importance on data protection. The collection and processing of your personal data is performed in compliance with the applicable data protection regulations, in particular the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR).

We may amend these data protection regulations from time to time. You should check the data protection regulations each time you visit the website.

By using our websites as well as our Apps, you declare to be in agreement with the current version of our data protection regulations that is available at the time of your visit.

Information regarding the processing of your data by third parties when visiting our websites (e.g. Goolge Analytics, Facebook, etc.) in the present data protection regulations reflects the state of knowledge of Sirocco at the time of writing.

We have no influence over any changes to the practices of these third parties. While our Data Protection Policy is updated periodically, you should review the data protection policies of those third parties before using our websites or prevent their processing of your data (see the relevant sections of this Data Protection Policy for instructions).

1 Data protection officer

The person responsible for the acquisition, processing, and use of your personal data within the scope of Art. 4 No. 7 GDPR is

Uwe Gartmann,
A.Kuster Sirocco AG,
Hauptstrasse 22,
8716 Schmerikon SG,
datenschutz@sirocco.ch

If you do not wish for us to collect, process or use your data in accordance with these data protection provisions, either in whole or for individual measures, you can raise your objection with the Data Protection Officer.

You can store and print this data protection declaration at any time.

2 General purposes of processing

Sirocco acquires and processes personal information that is provided by you or collected through the use of our websites and/or online stores, Apps, and Club Programs within the context of your contact with us.

2.1 Hosting

The hosting services we use provide the following: Infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical maintenance services which we use for the purpose of operating the website.

We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, as well as meta and communication data of customers, interested parties and visitors of this website, based on our legitimate interests, in the efficient and secure provision of our website services in accordance with Art. 6 Para. 1, S. 1 f) GDPR and in conjunction with Art. 28 GDPR.

2.2 Access data

We acquire information about users accessing this website. We automatically collect information about their usage patterns and their interaction with us as well as register information related to their computer or mobile device. We collect, store and use data about each access to our website (so-called server log files). The access data includes:

- Name and URL of the retrieved file
- Date and time of retrieval
- Transferred data volume
- Notification of successful retrieval (HTTP response code)
- Browser type and version
- Operating system
- Referrer URL (i.e. the previously visited page)
- Websites accessed by the user's system through our website
- Internet service provider of the user
- IP address and the requesting provider

We use this protocol data – without allocating it to the user or other profiling – for statistical evaluations to ensure the operation, security and optimization of our website, but also for anonymously recording the number of visitors to our website (traffic) and for the scope and type of usage of our website and services. We also use it for billing purposes, and to record the number of visits from collaborating partners. Based on this information, we may provide personalized and location-based content and analyze traffic, troubleshoot, correct errors, and improve our services.

This is also our legitimate interest pursuant to Art. 6 Para. 1, S. 1 f) GDPR.

 We reserve the right to subsequently examine the log data if there is a justified suspicion of illegal usage based on concrete evidence. We store IP addresses in the log files for a limited period of time, if this is required for security purposes or for the provision or billing of a service, e.g. if you use one of our services. If no longer required for security purposes, we delete the IP address after the order process has been cancelled or payment has been received. We also store IP addresses if we have the definite suspicion of a criminal offense in connection with the use of our website. We also store the date of your last visit as part of your account (e.g. when registering, logging in, accessing links, etc.).

2.3 Cookies

We use cookies to optimize our website. A cookie is a small text file which is sent by the respective servers when you visit a website and it is stored temporarily on your hard drive. This file as such contains a so-called session ID, which can be used to assign various queries from your browser to the shared session. Hence, your computer can be recognized when you return to our website. These cookies are deleted after you close your browser. They are used, for example, to enable you to use the shopping basket function across several pages.

To a lesser extent, we also use persistent cookies (also small text files that are stored on your end device); they remain on your end device and enable us to recognize your browser the next time you visit. These cookies are stored on your hard disk and are deleted automatically after a specified period of time. Their lifespan is 1 month to 10 years. This enables us to present our services to you in a more user-friendly, effective and secure manner and, for example, to display information on the site that is tailored specifically to your interests.

Our legitimate interest in the use of cookies is pursuant to Art. 6 Para. 1, S. 1 f) GDPR and is intended to make our website more user-friendly, effective, and secure.

The following data and information is stored in cookies:

- Log-in information
- Language settings
- Keywords entered
- Information on the number of visits to our website and the use of individual functions of our website.

When the cookie is activated, it is assigned an identification number, but your personal data is not assigned to this identification number. Your name, your IP address or similar data, which would enable an assignment of the cookie to you, are not integrated in the cookie. Based on cookie technology, we receive only anonymous information as to those pages of our shop which have been visited, which products have been viewed, etc.

You can set your browser so that you are informed in advance when cookies are set and can decide on a case-by-case basis whether you wish to exclude the acceptance of cookies in certain cases or, in general, whether cookies should be excluded completely. In turn, this may limit the functionality of the website.

2.4 Data for fulfilling our contractual obligations

We process the personal data required to fulfill our contractual obligations. This includes name, address, e-mail address, products ordered, invoice and payment data. This data must be acquired for conclusion of the contract.

The data will be deleted after expiration of the warranty periods and statutory retention periods. Data linked to a user account (see below) will, in any event, be retained for the duration of the account's management.

The legal basis for this data processing is Art. 6 Para. 1, S. 1 b) GDPR, since this data is required for us to fulfill our contractual obligations to you.

2.5 User account

You can open a user account on our website. If you wish to do so, we will need the personal data requested when you log in. When you log in at a later point in time, only your e-mail or user name and password will be required.

New registrations require the acquisition of master data (e.g. name, address), communication data (e.g. e-mail address) and payment data (bank details) as well as access data (user name and password).

After registration, an activation link for your account will be sent to your e-mail address to ensure proper registration and prevent any unauthorized registrations by third parties. We will permanently store your transmitted data in our system only after registration has been completed.

After you have created a user account, you can request to delete your account at info@sirocco.ch. We will then delete your stored personal data insofar as we do not yet have to store it for order processing or due to legal storage obligations. Your account will be permanently deleted and once you delete it, there is no going back. Please be certain.

The legal basis for this data processing is your consent pursuant to Art. 6 Para. 1, S. 1 a) GDPR.

2.6 Newsletter

Data requested during registration is required to subscribe to the Newsletter, and we will log the registration for the Newsletter. After registration, notification will be sent to your specified e-mail address prompting confirmation of your registration ("double opt-in"). This is required to prevent third parties from registering with your e-mail address.

Of course, you retain the right to unsubscribe from the Newsletter at any time.

We store the registration data as long as required for sending the Newsletter. We will store the registration logging and the delivery address as long as you still agree to receive the Newsletter and do not cancel your subscription. As a rule, these are the statutory periods of limitation for civil claims, i.e. a maximum of three years.

The legal basis for sending the Newsletter is your consent in accordance with Art. 6 Para. 1, S. 1 a) in conjunction with Art. 7 GDPR as well as Art. 7 Para. 2 no. 3 UWG. The legal basis for the registration logging is our legitimate interest in the proof that the delivery was made with your consent.

You can cancel your subscription at any time without incurring any costs other than transmission fees based on basic rates. Notification sent to the contact address mentioned in section 1 (e.g. e-mail, fax, letter) is sufficient for this. You will also find an unsubscribe link in every Newsletter.

2.7 Product recommendations

We will regularly send you product recommendations by e-mail, irrespective of the Newsletter. In this way, you will receive information about individual items in our product assortment, which may be of interest, based on your most recent purchases of our goods or services. We will strictly adhere to applicable legal requirements. You can cancel receipt of these notifications at any time without incurring any costs other than transmission fees based on basic rates. Notification sent to the contact address mentioned in section 1 (e.g. e-mail, fax, letter) is sufficient for this. You will also find an unsubscribe link in every e-mail.

In this case, the legal basis is understood as the legal permission according to Art. 6 Para. 1, S. 1 f) GDPR in conjunction with Art. 7 Para. 3 UWG.

2.8 E-mail contact

If you contact us (e.g. via contact form or e-mail), we will handle your data to process the inquiry and also use it in case of any follow-up queries.

If data processing is implemented for pre-contractual measures, which take place at your request, or – if you are already a customer – for the execution of the contract, the legal basis for this data processing is Art. 6 Para. 1, S. 1 b) GDPR.

We will process other personal data only upon your explicit consent (Art. 6 Para. 1, S. 1 a) GDPR), or if we have a legitimate interest in processing your data (Art. 6 Para. 1, S. 1 f) GDPR). A legitimate interest lies, for example, in replying to your e-mail.

3 Identity and creditworthiness verification when selecting invoice payment options

A.Kuster Sirocco AG reserves the right to obtain creditworthiness information about the customer in order to protect its own interests within the framework of the purchase transaction and may forward customer data to third parties for this purpose.

For this purpose, the personal data required for a creditworthiness check (first and last name as well as address data) will be transmitted to an external credit agency. CRIF AG, Hagenholzstrasse 81, 8050 Zurich, carries out a corresponding assessment of the creditworthiness based on mathematical-statistical procedures. The information obtained on the statistical probability of a payment default is included in the decision on the establishment, implementation or termination of the contractual relationship.

The creditworthiness check is carried out in compliance with the relevant provisions of data protection law and with special consideration for your interests worthy of protection. Please note that only CRIF AG can provide information on the data used to calculate your creditworthiness profile.

We lay great value on the protection of your personal data. The privacy policy for the credit check and the invoicing of bills or installments can be found at https://www.ideal-payment.ch/datenschutz. It explains how we collect, use and protect your data. This declaration complies with the requirements of the Swiss Data Protection Act (DSG).

4 Google Analytics

We use Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses cookies, i.e. small text files which will be stored on your computer to help with analysis of user interaction with the site. The information generated by the cookie about the use of this website by visitors is generally transmitted to a Google server in the USA and stored there.

This is also our legitimate interest pursuant to Art. 6 Para. 1, S. 1 f) GDPR.

Google has accepted the Privacy Shield Agreement concluded between the European Union and the USA and has thereby become certified. In doing so, Google is obligated to comply with the standards and regulations of European Data Protection Law. Further information can be accessed through the following link:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

We have enabled IP anonymization on this website ("anonymizeIp"). However, this will result in your IP address being shortened by Google within Member States of the European Union or in other signatory states of the Agreement in the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Goggle server in the USA and then shortened there. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity, and to provide us with other services relating to website activity and internet usage.

The IP address transmitted by your browser to Google Analytics is not merged with other Google data. You may decline the use of cookies by selecting the appropriate settings on your browser, however, if so, please note that you may not be able to use the full functionality of the website.

You can also prevent Goggle from receiving the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google. You can do this by downloading and installing the browser plug-in available from the following link:

http://tools.google.com/dlpage/gaoptout?hl=en.

External Links

Our websites and their contents may have links to the websites of other companies. We are not responsible for the data protection precautions on external websites that you can access via these links. Please check these external websites for information on their privacy policies.

5 Storage period

Unless otherwise stated, we will store personal data only for as long as is necessary to fulfill the purposes for which it was acquired.

In some cases, the law provides for personal data storage, for example in tax or commercial law. In these cases, the data will be stored by us solely for these legal purposes, not otherwise processed, and deleted at the end of the legal retention period.

6 Your rights as a data subject

According to applicable laws, you have various rights regarding your personal data. If you wish to exercise these rights, please send your request by e-mail or regular mail, with clear personal identification, to the address given in section 1.

You will find an overview of your rights below:

6.1 Right to confirmation and information

You have the right to obtain transparent information about the processing of your personal data.

In detail:

You have the right at any time to receive confirmation from us as to whether your personal data is being processed. If this is the case, you have the right to request information from us free of charge about your stored personal data, together with a copy of this data. Further, you also have a right to the following information:

1. the processing purposes;
2. the personal data categories which will be processed;
3. the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular, recipients in third countries or international organizations;
4. if possible, the envisaged duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
5. the right to correct or delete personal data relating to you or to have the processing restricted or to contest to such processing;
6. the right to lodge a complaint with a supervisory authority;
7. if the personal data was not acquired from you, all available information about the origin of the data; and
8. the existence of automated decision-making including profiling in accordance with Art. 22 Para. 1 and 4 GDPR and – at least in these cases – relevant information on the logic involved as well as the scope and intended effects of such processing for you.

If personal data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transfer.

6.2 Right to rectification

You have the right to demand that we correct and, if necessary, complete any personal data relating to you.

In detail:

You have the right to demand that we immediately correct any inaccurate personal data relating to you. With regard to the purposes of the data processing, you have the right to request that incomplete personal data be completed – also by means of a supplementary declaration.

6.3 Right to deletion ("right of omission")

In a number of cases, we are obliged to delete personal data relating to you.

In detail:

Pursuant to Art. 17 Para. 1 GDPR, you have the right to demand that we immediately delete personal data relating to you, and we are obliged to delete personal data immediately if one of the following applies:

1. personal data is no longer necessary for the purposes for which it was acquired or otherwise processed.
2. you revoke your consent for which the processing was based, pursuant to Art. 6 Para. 1, S. 1 a) GDPR or Art. 9 Para. 2 a) GDPR, and there is no other legal basis for processing.
3. you contest the processing pursuant to Art. 21 Para. 1 GDPR, and there are no overriding legitimate reasons for the processing, or you contest the processing pursuant to Art. 21 Para. 2 GDPR.
4. personal data has been processed unlawfully.
5. the deletion of personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject.
6. personal data was acquired through services offered by an information agency pursuant to Art. 8 Para. 1 GDPR.

If we have made personal data public and if we are obliged to delete it in accordance with Art. 17 Para. 1 GDPR, we shall take appropriate measures – including technical means, taking into account the technology available and the implementation fees – to inform those responsible for processing the personal data that you have requested them to delete all links to this personal data or copies or replications of this personal data.

6.4 Right to limitation of processing

In a number of cases, you have the right to instruct us to restrict the processing of your personal data.

In detail:

You have the right to demand that we restrict the processing of your personal data if one of the following applies:

1. the accuracy of the personal data is disputed by you for a period of time which enables us to verify the accuracy of the personal data;
2. the processing is unlawful and you refused to delete the personal data but instead have requested the restriction of the use of the personal data;
3. we no longer require the personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims, or
4. you have objected to the processing pursuant to Art. 21 Para. 1 GDPR, as long as it is not yet certain whether the legitimate reasons of our company outweigh those of yours.

6.5 Right to data transferability

You have the right to receive, transmit or have us transmit machine-readable personal data relating to you.

In detail:

You have the right to receive the personal data relating to you that you have provided to us in a structured, standard and machine-readable format, and you have the right to transfer such data to another responsible person without our interference, provided that:

1. processing is based on consent pursuant to Art. 6 Para. 1, S. 1 a) GDPR or Art. 9 Para. 2 a) GDPR or on a contract in accordance with Art. 6 Para. 1, S. 1 b) GDPR; and
2. processing is performed using automated procedures.

When exercising your right to data transfer in accordance with Paragraph 1, you have the right to request that personal data be transferred directly by us to another responsible person, insofar as this is technically feasible.

6.6 Right of objection

You also have the right to object to a lawful processing of your personal data by us if this is based on your particular situation and does not outweigh our interests in the processing.

In detail:

You have the right, for reasons arising from your particular situation, to contest at any time the processing of personal data relating to you on the basis of Art. 6 Para. 1, S. 1 e) or f) GDPR; this also applies to profiling based on these provisions. We will no longer process your personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

If we process your personal data for direct advertising purposes, you have the right at any time to object to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is connected with such direct advertising.

You have the right to contest the processing of your personal data for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 Para. 1 GDPR, for reasons arising from your particular situation, unless such processing is necessary for reasons in the public interest.

6.7 Automated decisions including profiling

You have the right not to be subject to decisions based solely on automated processing – including profiling – which have a legal effect on you or which substantially impair you in a similar manner.

There will be no automated decision-making on the basis of the personal data acquired.

6.8 Right to revoke consent under data protection law

You have the right to revoke your consent to the processing of personal data at any time.

6.9 Right to complain to a supervisory authority

If you consider that the processing of your personal data is unlawful, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of alleged infringement.

7 Data security

We make every effort to ensure the security of your data within the framework of the applicable data protection laws and technical resources.

We will encrypt the transmission of your personal data. This applies to your orders and also to customer login. We use the SSL (Secure Socket Layer) coding system, but would like to point out that there may be security gaps in data transmission over the internet (e.g. when communicating by e-mail). Comprehensive data protection against access by third parties is not possible.

To secure your data, we maintain technical and organizational security measures in accordance with Art. 32 GDPR, which we continually adapt to the state of the art.

Furthermore, we cannot guarantee that our services will be available at certain times; faults, interruptions or failures cannot be excluded. We backup our servers securely and on a regular basis.

8 Transfer of data to third parties, no data transfer to non-EU countries

Essentially, we use your personal data only within our company.

If, and to the extent, we involve third parties in the performance of contracts (e.g. logistics service providers), such personal data will be provided only to the extent that the transmission is required for the corresponding service.

In the event that we outsource certain parts of the data processing ("order processing"), we contractually oblige order processors to use personal data only in accordance with the requirements of applicable data protection laws and to guarantee the protection of the rights of the data subject.

Data transmission to entities or persons outside the EU, or outside the scope set forth in the present declaration in section 4, will not occur and is not planned.

Status as of 1 April 2025