Joyce Square Sàrl, located at Chemin de la Nouvelle-Héloïse 10, 1815 Clarens, is the entity responsible for the website www.joycesquare.ch (hereinafter referred to as the “Website”). Joyce Square Sàrl ensures the proper management, use, and processing of your personal information, in compliance with the current data protection regulations.
The protection and proper handling of your data are paramount to Joyce Square Sàrl. We are committed to safeguarding your rights concerning your personal data, be it during interactions on our website, in-store purchases, or participation in our events or other programs. We are devoted to keeping you informed in line with established standards, especially the Swiss Federal Data Protection Act (FDPA) and the European General Data Protection Regulation (GDPR).
This Privacy Policy aims to inform you about how Joyce Square Sàrl collects, uses, and processes data related to you.
Please note that this Privacy Policy may be updated. Any changes will be published on our website. We advise you to review it regularly to stay informed.
Joyce Square Sàrl, located at Chemin de la Nouvelle-Héloïse 10, 1815 Clarens, is the entity responsible for data management as described in this data protection statement, unless specifically noted otherwise for certain cases.
Should you have any questions regarding the protection of your data or wish to exercise your rights as outlined in section 11 of this data protection statement, please contact us at the following address:
By mail:
Joyce Square Sàrl
Chemin de la Nouvelle-Héloïse 10
1815 Clarens
Switzerland
Or via email at: info@joycesquare.ch
We process various categories of data related to you. The main categories include (but are not limited to):
Technical Data: When you use our website or other online services (e.g., Wi-Fi), we collect the IP address of the device you are using (terminal) and other technical data to ensure the functionality and security of these offers. This data includes the usage logs of our systems. To ensure the functionality of these offers, we may also assign you an individual code or assign a code to your terminal (for example, in the form of a cookie, see Section 13). Technical data as such do not allow conclusions to be drawn about your identity. However, technical data can be linked with other categories of data (and potentially with your person) within the context of user accounts, logs, access controls, or the execution of a contract.
Registration Data: Some offers, and certain services (e.g., login areas of our website, sending newsletters, WLAN access, etc.) can only be used with a user account or after registration, which can be done directly with us or, where applicable, through a third-party connection service provider. In this context, you must provide us with certain data, and we collect data on the use of the offer or service. Depending on the circumstances, we may also share or receive some of your registration data from our contractual partners. Access controls to certain facilities may require registration data and, depending on the control system, biometric data.
Communication Data: When you are in contact with us via the contact form, email, phone, messaging or chat, or by mail or any other means of communication (e.g., posts or comments on our website), we collect the data you exchange with us, including your contact details and the metadata of the communication.
Basic Data : By "basic data", we mean the foundational information that we require, in addition to contractual data (see below), for the execution of our contractual relationships and other business relations, or for marketing and promotional purposes. This encompasses your name and contact details, as well as information about, for instance, your role and function, bank details, date of birth, customer history, powers of attorney, signature authorizations, and consent statements. We process your basic data if you are a client or another business contact, or if you work for one (e.g., as a business partner's point of contact), or because we wish to reach out to you for our own purposes or those of a contractual partner (e.g., in the context of marketing and advertising, event invitations, with vouchers, with newsletters, etc.). We obtain basic data from you (for instance, when you make a purchase or register), from entities you work for, or from third parties like contract partners, associations, and address brokers, as well as from public sources such as public registries or the internet (websites, social media, etc.). Within the scope of basic data, we may also process health-related data and information about third parties. We might also gather basic data from our shareholders and investors.
Other Data: We also collect data about you in other situations. For example, we process data that may concern you (such as records, evidence, etc.) as part of administrative or legal procedures. We may also collect data for health protection purposes (e.g., within health protection concepts). We can acquire or create photos, videos, and sound recordings in which you might be identifiable (e.g., during events, via security cameras, etc.). We may also collect data about individuals who enter certain buildings, and when, or about those who have access rights (including within access controls, based on registration data or visitor lists, etc.), about individuals who participate in events or campaigns (e.g., competitions), and about those who use our infrastructures and systems and when. Furthermore, in addition to the basic data, we can gather and process data about our shareholders and other investors, including information for registries, in the context of their rights exercise or during events (e.g., general meetings).
Contractual Data: This pertains to data collected during the initiation or execution of a contract, such as information about contracts and the used products, services, or other offers (in the case of a purchase, for instance, the date, place, time, object, and purchase price, payment method, and delivery mode), as well as data related to the pre-contractual period, information needed or used for contract execution, and customer feedback (e.g., complaints, customer satisfaction data, etc.). This might include health data and information about third parties. We typically collect this data from you, contract partners, and third parties involved in contract execution, but also from third-party sources (e.g., credit information providers) and public sources.
Données comportementales et de préférence : Selon la relation que nous entretenons avec vous, nous essayons de mieux vous connaître et d'adapter nos produits, services et offres à vos besoins. À cette fin, nous collectons et traitons des données concernant votre comportement et vos préférences. Nous le faisons en évaluant les informations relatives à votre comportement dans notre domaine, et nous pouvons également compléter ces informations par des informations provenant de tiers, y compris de sources publiques. Sur la base de ces données, nous pouvons, par exemple, déterminer la probabilité que vous utilisiez certains services ou que vous vous comportiez d'une certaine manière. Des données traitées à cette fin nous sont soit déjà connues (par exemple, où et quand vous utilisez nos services)., Nous pouvons également les collecter en enregistrant votre comportement (par exemple, la façon dont vous naviguez sur notre site web).
We process your data for the purposes set out below. You will find further information in sections 12 and 13 for online services. These purposes and their objectives serve our interests and, potentially, those of third parties. You will find more information on the legal basis for our processing in section 5. We process your data for communication with you, especially to respond to your requests and to exercise your rights (section 1) and to enable us to contact you if there are questions. For this purpose, we primarily use communication data and basic data, as well as registration data related to offers and services you use. We retain this data to document our communication with you for training, quality assurance, and request tracking purposes.
We process data for the conclusion, administration, and execution of contractual relationships.
We process data for marketing and relationship management purposes, for instance, to send (or display on the website, our social media pages, etc.) to our clients and other contractual partners personalized advertisements for products, services, and other offers that we or third parties provide.
This can take the form of newsletters and other regular contacts (electronically, via email, or by phone), through other channels for which we have your details, but also as part of marketing campaigns (like events, competitions, etc.) and might also include complimentary services (like invitations, vouchers, etc.).
Lastly, we also wish to enable our contractual partners to contact our clients and other contractual partners for marketing purposes (see section 1).
We also process your data for market research purposes, to improve, as well as to grow our business operations (our products, services, and other offers).
We may also process your data for security and access control purposes.
We process personal data to comply with laws, guidelines, and recommendations from authorities and internal regulations ("compliance with legal requirements").
We also process data within the context of our risk management and corporate governance, including organization and business development.
We may process your data for other purposes, such as within our internal processes and administration or for quality assurance and training purposes.
When we ask for your consent for certain data processing, we will also inform you of the related purposes. You can revoke your consent at any time with ex nunc effect by sending us a written message (by postal mail) or, unless otherwise specified or agreed upon, by email; you will find our contact details under number 2 of this data protection statement. For the revocation of your consent in the context of online tracking, described under number 11 of this data protection statement when you have a user account, a revocation or contact with us can also be done, if applicable, via the concerned website or other service. As soon as we receive notification of your consent withdrawal, we will no longer process your data for the purposes to which you initially consented, unless we have another legal basis. The withdrawal of your consent does not affect the legality of processing carried out based on this consent up to its withdrawal.
When we do not ask for your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for the preparation or execution of a contract with you (or the entity you represent) or that we or third parties have a legitimate interest in it, especially to meet the conditions stated in the previous point, the objectives described above, and to take the necessary measures. Compliance with legal provisions is also part of our legitimate interests, to the extent that it is not already recognized as a legal basis by the applicable data protection legislation.
In some cases, other legal reasons may come into play, which we will communicate to you separately if necessary.
We may add some of your personal characteristics to those mentioned in point 1 using data you've provided to us (sec. 3) in an automated manner ("profiling") when we aim to determine preference data but also to determine risks of misuse and security, for statistical evaluations, or for operational planning purposes. For the same purposes, we can also establish profiles, meaning that we might combine behavioral data and preference data along with basic and contractual data, as well as technical data associated with you, to better understand you as an individual with various interests and attributes.
In both cases, we ensure proportionality and reliability of the results and take measures against misuse of these profiles or profiling. If these may lead to legal effects or significant disadvantages for you, we typically foresee a manual check.
In the context of our contracts, website, services and products, our legal obligations, or to protect our legitimate interests and other interests mentioned in Art. 4, we also share your personal data with third parties, particularly the following categories of recipients:
Service providers: we collaborate with service providers both domestically and abroad who process data about you on our behalf or jointly with us, or who receive data about you from us under their own responsibility.
Public authorities: We may disclose personal data to administrations, courts, and other authorities domestically and abroad if legally mandated or authorized, or if it seems necessary for the protection of our interests.
Others: These are specific instances where the involvement and communication to third parties derive from the purposes described under section 4.
All these recipient categories may in turn involve third parties, meaning your data might also be accessible to them. We may limit processing by some third parties (e.g., IT service providers), but not by others (e.g., authorities, banks, etc.).
As indicated in sec. 7, we also share data with other entities. These are not located exclusively in Switzerland. Therefore, your data might be processed both within Europe and other countries. If a recipient is in a country with no adequate legal data protection, we bind the recipient contractually to comply with the relevant data protection standard (using standard contractual clauses revised by the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj ?), unless they are already subject to a recognized set of rules ensuring data protection or unless we can rely on an exemption. An exemption might apply, for instance, in cases of foreign legal proceedings, or when contract execution requires such communication, if you've given your consent or if it involves data that you've made publicly available and didn't refuse processing.
Please also note that data exchanged online often transits through third countries. Thus, your data might end up abroad even if both sender and recipient are in the same country.
We process your data as long as our processing purposes, legal retention periods, and our legitimate interests in documentation and evidence preservation require, or if retention is technically required. In the absence of contrary legal or contractual obligations, we will delete or anonymize your data once the retention period has lapsed or when processing has ceased in our regular processes.
We take adequate security measures to ensure the necessary safety of your personal data and to guarantee its confidentiality, integrity, and availability, to protect it against unauthorized or illegal processing, and to minimize the risk of loss, accidental alteration, unauthorized disclosure, or access.
To make controlling the processing of your personal data easier for you, you also have the following rights regarding our data processing, as per applicable data protection laws:
To exercise the above-mentioned rights with us, please contact us in writing, by visiting our offices or, unless otherwise specified or agreed upon, by email; our details are in sec. 2. To prevent any misuse, we need to identify you (e.g., using a copy of your ID, if no other means are possible).
Please be aware that these rights might be subject to conditions, exceptions, or limitations under the relevant data protection legislation (e.g., to protect third parties or trade secrets). We'll inform you accordingly if needed.
If you're dissatisfied with how we address your rights or our data protection practices, please let us know as per section 2 of this privacy statement. Especially if you're in the EEA, UK, or Switzerland, you also have the right to file a complaint with your country's data protection supervisory authority. You can find a list of the EEA authorities here: https://edpb.europa.eu/about-edpb/board/members_de. The UK authority can be contacted here: https://ico.org.uk/global/contact-us/. The Swiss supervisory authority can be reached here: https://www.edoeb.admin.ch/edoeb/de/home/der-edoeb/kontakt/adresse.html..
If you disagree with how we respond to your rights exercise or with our data protection practices, you can let us know (section 2). You're also free to file a complaint with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
Diverses techniques sont utilisées sur notre site web, ce qui nous permet – ainsi qu'aux tiers que nous engageons – de vous reconnaître lors votre utilisation de notre site web, et éventuellement de vous suivre sur plusieurs visites. Cette section vous informe à ce sujet. En substance, nous souhaitons faire la distinction entre votre accès (par le bais de votre système) et l'accès par d'autres utilisateurs, afin de pouvoir assurer la fonctionnalité du site web et effectuer des analyses et des personnalisations. En fait, nous n'avons pas l'intention de déterminer votre identité, bien qu'il puisse être possible pour nous ou pour les tiers que nous engageons de vous identifier en établissant un lien avec les données d'enregistrement. Toutefois, même en l'absence de données d'enregistrement, les technologies que nous utilisons sont conçues de manière que vous soyez reconnu comme un visiteur individuel chaque fois que vous accédez au site web, par exemple notre serveur (ou les serveurs de tiers) qui attribue un numéro d'identification spécifique à vous ou à votre navigateur (appelé «cookie»).
Nous utilisons ces technologies sur notre site web et pouvons autoriser certains tiers à le faire également. Vous pouvez configurer votre navigateur pour bloquer ou tromper certains types de cookies ou certaines technologies alternatives, ou pour supprimer les cookies existants. Vous pouvez également ajouter un logiciel à votre navigateur afin de bloquer certains suivis de tiers. Vous trouverez de plus amples informations sur les pages d'aide de votre navigateur (généralement avec le mot-clé «protection des données») ou sur les sites web de tiers (cf. ci-dessous). Nous distinguVarious techniques are employed on our website which allows us – as well as third parties we engage – to recognize you during your use of our website, and potentially track you across multiple visits. This section provides details about this. Essentially, we aim to differentiate between your access (via your system) and access by other users, to ensure website functionality, and to conduct analyses and personalizations. In fact, we do not intend to ascertain your identity, although it might be possible for us or the third parties we engage to identify you by linking with registration data. However, even without registration data, the technologies we employ are designed to recognize you as an individual visitor each time you access the website, such as our server (or third-party servers) that assigns a unique identifier to you or your browser (referred to as "cookie").
We use these technologies on our website and may allow certain third parties to do so as well. You can configure your browser to block or trick certain types of cookies or other similar technologies or delete existing cookies. You can also add software to your browser to block certain third-party tracking. More information can be found in your browser's help pages (usually under "data protection") or on third-party websites (see below). We categorize cookies as follows (including similar technologies like digital fingerprints):
This allows us, as well as our contractual partners, to display advertisements that we believe may interest you, on our website and on other websites that display advertisements on our behalf or on behalf of our contractual partners. Without these marketing cookies, you won't see fewer advertisements, but rather different advertisements. In addition to marketing cookies, we may use other technologies to monitor online advertising on other websites and thus reduce advertising waste. For instance, we can transmit the email addresses of our users, our clients, and other individuals to whom we wish to display advertisements to advertising platform operators (for example, social networks). If these individuals are registered with the same email address with these platforms (determined by the platforms through a matching process), the providers specifically display our advertisements to these individuals. Providers do not receive personal email addresses of individuals unknown to them.
However, for known email addresses, they do learn that these individuals are in contact with us and the content they viewed. We can also integrate additional offers from third parties on our website, especially from social network providers. When these offers are activated, these providers can determine that you use our website. If you have an account with the social network provider, it can attribute this information to you and thus track your use of online offers. These social network providers process this data as independent data controllers.
Currently, for example, we use Google Analytics. Google Ireland Ltd. (located in Ireland) is the provider of the "Google Analytics" service and acts as our subcontractor. Google Ireland uses Google LLC (located in the USA) as a subcontractor (both referred to as "Google"). Google collects information on the behavior of visitors to our website (duration, pages viewed, geographic access region, etc.) through performance cookies (see above) and, based on this, creates reports for us on the use of our website. Although we assume that the information we share with Google is not considered personal data by Google, it is possible that Google may be able to deduce the identity of visitors from the data collected, create personal profiles, and associate this data with the Google accounts of these individuals for its own purposes. You can find information about data protection regarding Google Analytics here: https://support.google.com/analytics/answer/6004245 and if you have a Google account, you can find more details about Google's processing here: https://policies.google.com/technologies/partner-sites?hl=fr. 14.
We may operate pages and other online presences ("fan pages," "channels," "profiles," etc.) on social networks and other platforms run by third parties and collect data as described in Section 3 and below. We receive this data from you and from the platforms when you interact with us through our online presence (e.g., when you communicate with us, comment on our content, or visit our online presence). These platforms also analyze your use of our online presences and combine this data with other data they have about you (e.g., behavioral and preference data).
They also process this data for their own purposes, including for marketing and market research purposes (e.g., to personalize advertising) and to manage their platforms (e.g., which content they show you), and in doing so, they act as independent data controllers.
We process this data for the purposes set out in Section 1, particularly for communication, for marketing purposes (including advertising on these platforms, see Section 12), and for market research. You can find information on the applicable legal basis in Section 6. We may share content published by you (e.g., comments on an advertisement), for example, as part of our advertising on the platform or elsewhere. We or the platform operators may also delete or restrict content from you or about you, in accordance with their terms of use (e.g., inappropriate comments). For more information on the processing by platform operators, you can refer to the respective data protection statements. There you will also find information about the countries in which they process your data, your rights of access and deletion of data, and other rights of data subjects, as well as how you can exercise these rights or obtain further information.
This privacy statement is not a contractual agreement with you. We can modify this privacy statement at any time. The version available on our website is the current one.
Last Updated: September 18, 2023