Privacy Policy

Information regarding the processing of personal data and the use of the website

Ampersand Labs by Davide Morotti, hereinafter referred to as "Ampersand Labs" is an individual company, based in Zürich (ZH-CH). Ampersand Labs agrees to process personal data in accordance with applicable law, i.e. Swiss law and in particular the Federal Data Protection Act. To the extent that the activity of Ampersand Labs also falls within the scope of the General Data Protection Regulation (also known as the GDPR or Regulation 2016/679, hereinafter referred to as the "GDPR").

Who we are 
What data we collect and why
Consent
What are your rights
Security measures (how we protect your data)
Duration of data retention
Transmission of your data to third parties and abroad
Cookies, analysis and tracking systems, and social media plug-ins, external links
Minors
General provisions
Changes to this statement

Who we are

Ampersand Labs by Davide Morotti, hereinafter referred to as "Ampersand Labs" and/or the Agency is an individual company, based in Zürich (ZH-CH), responsible, inter alia, for the management of the website https://ampersand.ch. In this capacity, the Agency is, therefore, the Data Controller of the data processing carried out through this site. 

What data we collect and why

In order to provide our services, we need to have some personal data of customers and users of our website.

A part of such data is automatically transmitted by the device with which you consult our website. To inhibit such automatic transmission, to the extent based on your personal preference, you must access your browser settings from your device and deactivate the transmission of personal data. 

Other data are provided directly by the customer to receive information, newsletters, or other communications relating to activities.

1. Data collected at the time of access to our website, acquired through our servers:

  • Date and time of access
  • IP number of your computer
  • Browser in use on your device
  • Country of origin of the connection to our server, as well as information relating to language, screen, location, etc.;
  • Operating system processor
  • Information regarding your Internet service provider

2. Data you provide us, at the time of registration, for the purchase of products through our website:

  • First and Last Name
  • Address
  • E-mail address
  • Telephone number
  • Possible Fax number
  • Correspondence language
  • Credit card data and/or other billing data
  • Date of birth

3. Data, which you provide us, for communications by the Agency:

  • First and Last Name
  • Correspondence language
  • E-mail address
  • Favorite products/services

Consent

The GDPR defines consent in the following terms: “any manifestation of the free, specific, informed, and unequivocal will of the data subject, with which the latter expresses his/her consent, through an unequivocal statement or positive action, that the personal data concerned are subject to processing". 

The future LPD will indicate that"consent is valid only if given freely and unequivocally after being duly informed. Express consent is required for the processing of personal data subject to specific protection and for profiling". 

Consent must always be explicitly expressed if it concerns particularly sensitive personal data, such as for example information relating to your religion, your ethnic origin, your political status, etc. However, our agency does not collect this kind of information since it is not necessary or useful for the provision of our services. 

For less sensitive data, consent can be given with any manifestation of free will, for example by conclusive acts, or it can be presumed if the data in question are essential to allow us to provide our services. In this case, your request to obtain an Agency service will imply that you agree that the Agency may use your data for the provision of the requested service (e.g. billing data, etc.).

Other data are instead intended for our marketing communication activities and are explicitly collected for this purpose. Of course, you can deny your consent for the processing of your data for this purpose and can always withdraw it if you have given it previously.

Our administrative staff is at your disposal for any and all doubts you may have in relation to data processing.

 

What are your rights

To the extent that this is expressly envisaged by regulation applicable to the activity of the Data Controller, you have the right to request that your data be:

  • Updated, corrected or (if the data is incomplete) supplemented
  • Deleted, if:
    • Your data are no longer necessary for the pursuit of the purposes for which they were collected or processed
    • You have withdrawn your consent or oppose the processing
    • Your data are processed unlawfully or must be deleted in order to fulfill a legal obligation
  • Limited in its processing, if:
    • Your data are incorrect or are unlawfully processed or you have objected to the processing
    • Although the Agency no longer needs it for processing purposes, it is necessary for the Agency to legally assert your rights
  • The data were transferred to another Data Controller ("right to portability") if the processing is based on consent and is carried out by automated means.

Please refer to the chapter on the duration of data retention by the same title.

In accordance with the applicable regulations, you have the right to lodge a complaint with a supervisory authority (in Switzerland the Federal Data Protection and Transparency Commissioner, and in other European countries the authorities designated by current national law).

Security measures (how we protect your data)

The Agency protects your data against unauthorized processing and/or loss by implementing appropriate technical and organizational measures. The technical systems are maintained by adequately taking into account the constant technological development. 

In order to avoid unauthorized processing or loss of data, we recommend that our Customers and users always use updated systems and that they do not share sensitive information, usernames, or passwords with third parties.

Duration of data retention

The Customer's personal data are processed and kept in principle as long as they are needed for the provision of the services requested by the Customer (contractual basis) or in compliance with legal obligations (legal basis). In particular, the data are kept for the entire duration of the contractual relationship between the Customer and the Agency, for accounting and legal purposes (for example in the case of a judicial procedure promoted or incurred by the Agency). In any case, to the extent that the legitimate interest of the Agency in the storage of the data ceases, they are anonymized and deleted respectively. 

Transmission of your data to third parties and abroad

In order to provide its services, the Agency must, in some circumstances, provide third parties access to your data (outsourcing). The above is particularly true in the case of website management, as well as for sending newsletters or profiling and marketing purposes.

Cookies, analysis and tracking systems, and social media plug-ins, external links, use of YouTube videos

  1. Cookies are small data packets, a sort of identification card, which your device exchanges with our server while browsing our website. In particular, the information collected allows us to make navigation more pleasant and effective. Cookies are automatically saved on your device via the browser you use to surf the net and allow, inter alia, to keep track of your choices and settings, so that each access will be made more effective. Each browser allows you to set the management of cookies, even up to impeding their transmission. Among other things, you can delete cookies partially or completely, be notified whenever a system requests the exchange of cookies, etc. Please be aware that without the use of cookies the browsing experience may be partially compromised and some services may not function partially or completely.
  2. Our website is equipped with tracking systems that allow for collecting the information needed for its management and implementation. Cookies and tracking systems offered by third parties, such as Google Analytics are also used.
  3. To allow our customers to choose whether and how to keep in touch with our Agency, communication also takes place through the most popular social media. In this regard, our website is equipped with systems (called "plug-ins") that allow users to activate a link with the selected social media. The exchange of data needed to use social media only takes place at that time and, therefore, upon the express request of the Customer.
  4. Our website offers links to external websites of interest or useful for the provision of our services. The Agency does not constantly monitor such websites and, therefore, you are urged to consult the related data protection statements before you start browsing. Any liability for the content or implementation of the Agency's personal data protection regulations is waived. In any case, unless explicitly indicated otherwise, the Agency does not provide the operators of these websites sites with any personal data.
  5. To provide a more complete experience, our website allows you to view videos from "Youtube" (a company belonging to Google LLC). Any privacy settings must, therefore, be made through the Youtube settings.

Minors

Our agency does not collect or process the data of minors. However, by not systematically collecting any personal data, except within the terms provided within this document and by the applicable regulations, we are unable to identify the age of visitors to our website. If you believe that a minor in your custody has provided us with your personal data without your consent, we urge you to report it to us without delay. Our staff will implement the appropriate measures.

General provisions

It is noted that the transmission of communications, documents, and other information by email is considered less reliable, secure, and confidential than by letter or Fax. We use modern identification technologies against viruses and spam. However, we recommend that you use adequate and updated protection systems (for example antivirus software) and we waive any liability for any damage deriving from emails or loss of the same. We reserve the right to reject emails with potentially dangerous attachments.

Changes to this statement

The Agency reserves the right to update this statement in order to ensure adequate and compliant protection with current law. For this reason, in particular if significant legislative or case law changes occur, this statement may be updated and/or modified.

 If you have any doubts or questions about the scope of this statement, please do not hesitate to contact us.

 

 

Version 1.0.0, January 2019