We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to take this opportunity to inform you which of your personal data we collect when you visit our website and for what purposes it is used.
This privacy policy applies to the website "Sebastos - Your portal for body, mind and soul", which is accessible under the domain www.sebastos.com and the various subdomains.
Person responsible
For the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
SEBASTOS | Your portal for body, mind & soul
UTZ MEDIEN AG
Burghaldenweg 19
CH-5330 Bad Zurzach
Phone +41 (0) 56 222 000 4
What's it about?
This Privacy Policy fulfills the legal requirements for transparency in the processing of personal data. These are all pieces of information related to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, email address, IP address, or user behavior when visiting a website. Information where we cannot (or only with disproportionate effort) relate to you, e.g., through anonymization, is not considered personal data. The processing of personal data (e.g., collecting, querying, using, storing, or transmitting) always requires a legal basis and a defined purpose.
Stored personal data will be deleted once the purpose of processing is achieved and there are no lawful reasons for further retention of the data. We inform you in the individual processing operations about the specific retention periods or criteria for storage. Regardless, in individual cases, we store your personal data for the assertion, exercise, or defense of legal claims and in the presence of statutory retention obligations.
Who gets my data?
We only share your personal data processed on our website with third parties if it is necessary for fulfilling the purposes and if it is covered by the legal basis in the individual case (e.g., consent or protection of legitimate interests). Furthermore, we may share personal data with third parties in individual cases if it serves the assertion, exercise, or defense of legal claims. Possible recipients can then be, for example, law enforcement agencies, lawyers, auditors, courts, etc.
As far as we use service providers for the operation of our website, who process personal data on our behalf according to Art. 28 GDPR as part of processing orders, these recipients can be your personal data recipients. You can find more detailed information about the use of order processors and web services in the overview of individual processing operations.
Do you use cookies?
Cookies are small text files that are sent to the browser of your device during your visit to our internet pages by us and stored there. Alternatively, information can also be stored in the local storage (local storage) of your browser. Some functions of our internet page cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, however, enable us to perform various analyses so that, for example, we can recognize the browser you use on a subsequent visit to our website and transmit various information to us (non-essential cookies). With the help of cookies, we can make our online offering more user-friendly and effective for you, for example, by tracking your use of our website and determining your preferred settings (e.g., country and language settings). If third parties process information via cookies, they collect this information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs or contain viruses.
We inform you about the respective services for which we use cookies in the individual processing operations. Detailed information about the cookies used can be found in the cookie settings or in the Consent Manager of this website.
Under the conditions of the legal provisions of the General Data Protection Regulation (GDPR), as a data subject, you have the following rights:
Below we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. There is no automated decision-making in individual cases, including profiling.
Nature and Scope of Processing
When accessing and using our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:
Purpose and Legal Basis
The processing is carried out to protect our predominant legitimate interest in displaying our website and ensuring its security and stability based on Art. 6 (1) lit. f GDPR. The collection of data and storage in log files is absolutely necessary for the operation of the website. There is no right to object to the processing due to the exception according to Art. 21 (1) GDPR. Insofar as further storage of the log files is required by law, the processing is based on Art. 6 (1) lit. c GDPR. There is no legal or contractual obligation to provide the data; however, accessing our website is technically not possible without providing the data.
Storage Duration
The aforementioned data is stored for the duration of the website display and, for technical reasons, for a maximum of 7 days thereafter.
Nature and Scope of Processing
On our website, we offer you the opportunity to contact us via a provided form. The information collected through mandatory fields is required to process the request. In addition, you can voluntarily provide additional information that you deem necessary for processing the contact request.
No personal data collected through the contact form is shared with third parties.
Purpose and Legal Basis
The processing of your data through the use of our contact form is for the purpose of communication and handling your request based on your consent according to Art. 6 (1) lit. a GDPR. If your inquiry relates to an existing contractual relationship with us, the processing is for the purpose of fulfilling the contract based on Art. 6 (1) lit. b GDPR. There is no legal or contractual obligation to provide your data, but processing your request is not possible without the information from the mandatory fields. If you do not wish to provide this data, please contact us by other means.
Storage Duration
If you use the contact form based on your consent, we store the collected data of each request for a period of three years, starting from the completion of your request or until you revoke your consent.
If you use the contact form as part of a contractual relationship, we store the collected data of each request for a duration of [three years] from the end of the contractual relationship.
Nature and Scope of Processing
If you sign up for our newsletter on our website, we collect your email address [and your name…] and store this information along with the date of subscription and your IP address. Subsequently, you will receive an email in which you must confirm the subscription to the newsletter (Double-Opt-in). If you do not confirm the subscription within 24 hours, it automatically expires, and the data will not be processed for sending the newsletter.
For sending the newsletter, we use a service from brevo, who processes your personal data on our behalf according to Art. 28 GDPR. Your data is not shared with third parties.
Purpose and Legal Basis
We process your data for the purpose of sending the newsletter based on your consent according to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time with effect for the future by unsubscribing from the newsletter, as per Art. 7 (3) GDPR. There is no legal or contractual obligation to provide your data, but sending the newsletter is not possible without providing your data.
Storage Duration
After signing up for the newsletter, we store the data for a maximum of 24 hours until the subscription is confirmed. After successful confirmation, we store your data until you revoke your consent (unsubscribe from the newsletter) and for technical reasons, a maximum of 7 days thereafter.
Nature and Scope of Processing
For the use of certain areas of our website, you have the option to register a user account. The information collected during registration through mandatory fields is required to provide access to the user account. Additionally, you can voluntarily provide extra information for supplementary (convenience) functions.
The sharing of your personal data for the registration of a user account is exclusively in accordance with this Privacy Policy.
Purpose and Legal Basis
We process your data for the purpose of providing a user account to fulfill a contract with you according to Art. 6 (1) lit. b GDPR. There is a contractual obligation to provide your data, as this information is necessary for identifying you and for the fulfillment of our contractual obligations. There is no legal obligation to provide the data. Without providing this information, the registration of a user account and thus the conclusion of a contract is not possible.
Furthermore, the processing of additional information voluntarily provided is for the purpose of offering more (convenience) functions based on your consent according to Art. 6 (1) lit. a GDPR. By deactivating the functions / by deleting the voluntary information in the user account, you can withdraw your consent at any time with effect for the future according to Art. 7 (3) GDPR.
Storage Duration
We store your personal data for the duration of the contract relationship for the provision of the user account. After the end of the contract / deletion of the user account, further storage of your data only occurs if legal retention obligations (e.g., tax and commercial law) exist.
Additional information that you provide to us based on your consent will be stored only until you withdraw your consent by deactivating the functions / by deleting the data, but no longer than until the end of the contract underlying the provision of the user account.
We maintain so-called fan pages, accounts, or channels on the networks mentioned below to provide you with information and offers within social networks and to offer additional ways to contact us and learn about our offers. Below, we inform you about the data we or the respective social network process in connection with the access and use of our fan pages/accounts.
Data We Process from You
If you wish to contact us via messenger or direct message through the respective social network, we typically process your username through which you contact us and may store further data you provide as far as necessary for the processing/answering of your request.
The legal basis is Art. 6 (1) sentence 1 f) GDPR (processing is necessary for the purposes of the legitimate interests pursued by the controller).
(Static) Usage Data We Receive from Social Networks
We receive automatically provided statistics concerning our accounts through insights functionalities. The statistics include, among others, the total number of page views, likes, information on page activities and post interactions, reach, video views/observations, and information on the male/female ratio among our fans/followers.
The statistics only contain aggregated data that cannot be traced back to individuals. We cannot identify users through this data.
Data Processed by Social Networks from You
To view the contents of our fan pages or accounts, you do not need to be a member of the respective social network, and thus no user account for the respective social network is required.
However, please note that social networks capture and store data from visitors of the respective social network without a user account (e.g., technical data to display the website) and use cookies and similar technologies over which we have no control. Details can be found in the privacy policies of the respective social network (see the respective links above).
If you want to interact with the content on our fan pages/accounts, e.g., comment on, share, or like our postings/posts, and/or wish to contact us via messenger functions, prior registration with the respective social network and the provision of personal data are required.
We have no control over the data processing by the social networks during your use. To our knowledge, your data is stored and processed by the social networks, especially in connection with the provision of the services of the respective social network, also for analyzing user behavior (using cookies, pixels/web beacons, and similar technologies) based on which advertising based on your interests is played both within and outside of the respective social network. It cannot be excluded that your data may also be stored outside of the EU/EEA by the social networks and transferred to third parties.
Information including the exact scope and purposes of the processing of your personal data, the duration of storage/deletion, and guidelines on the use of cookies and similar technologies in the context of registration and use of social networks can be found in the privacy policies/cookie guidelines of the social networks. There you will also find information about your rights and options to object.
When visiting our Facebook page, Facebook (Meta) collects your IP address and other information present in the form of cookies on your PC, among other data. This information is used to provide us, the operators of the Facebook pages, with statistical information about the usage of the Facebook page. Facebook provides more detailed information at the following link: facebook.com/help/pages/insights
The statistical information transmitted does not enable us to draw conclusions about individual users. We only use it to cater to our users' interests and to continuously improve and secure the quality of our online presence.
We collect your data via our fan page only to possibly facilitate communication and interaction with us. This collection typically includes your name, message contents, comment contents, and the profile information you have made "public."
The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel according to Art. 6 (1) f) GDPR. If you, as a user, have given your consent to the respective provider of the social network for data processing, the legal basis of the processing extends to Art. 6 (1) a), Art. 7 GDPR.
Given that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to have full access to your data. Therefore, the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The assertion of such rights is thus most effectively made directly to the respective provider.
We are jointly responsible with Facebook for the personal data contents of the fan page. Rights of affected individuals can be asserted with Meta Platforms Ireland Ltd. as well as with us.
Facebook primarily assumes responsibility according to the GDPR for the processing of Insights data, and Facebook fulfills all obligations under the GDPR with regard to the processing of Insights data. Meta Platforms Ireland Ltd. makes the essence of the Page Insights Supplement available to the affected persons.
We do not make decisions regarding the processing of Insights data and the storage duration of cookies on user devices.
For further information, please refer directly to Facebook (Supplementary Agreement with Facebook): www.facebook.com/legal/terms/page_controller_addendum
www.facebook.com/privacy/policy/
When visiting our Instagram page, Instagram (Meta) collects, among other things, your IP address and other information that exists in the form of cookies on your PC. This information is used to provide us, the operators of the Instagram pages, with statistical information about the usage of the Instagram page. Instagram provides more detailed information at the following link (Note: by clicking the following link, you will be directed to the social network Facebook's website, also part of the Meta group. However, the information provided via the link applies equally to the social network Instagram): facebook.com/help/pages/insights
The statistical information transmitted does not enable us to draw conclusions about individual users. We only use it to cater to our users' interests and to continuously improve and ensure the quality of our online presence.
We collect your data via our fan page solely to potentially facilitate communication and interaction with us. This collection typically includes your name, message content, comment content, and the profile information you have made "public."
The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel according to Art. 6 (1) f) GDPR. If you, as a user, have given your consent to the respective provider of the social network for data processing, the legal basis of the processing extends to Art. 6 (1) a), Art. 7 GDPR.
Given that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to have full access to your data. Therefore, the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The assertion of such rights is thus most effectively made directly to the respective provider.
We are jointly responsible with Instagram for the personal content of the fan page. Rights of affected individuals can be asserted with Meta Platforms Ireland Ltd. as well as with us.
Instagram primarily assumes responsibility according to the GDPR for the processing of Insights data, and Instagram fulfills all obligations under the GDPR with regard to the processing of Insights data. Meta Platforms Ireland Ltd. makes the essence of the Page Insights Supplement available to the affected persons.
We do not make decisions regarding the processing of Insights data and the storage duration of cookies on user devices.
For further information, please refer directly to Instagram (Supplementary Agreement with Facebook): www.facebook.com/legal/terms/page_controller_addendum
help.instagram.com/519522125107875/
These details can also be viewed in the help section of Instagram's website via the following link: help.instagram.com
Twitter is a social network operated by Twitter Inc., based in San Francisco, California, USA, which allows the creation of private profiles for individuals (Personal Account) as well as professional profiles for individuals and companies (Professional Account). On Twitter, users can compose short messages (known as "Tweets"), engage with the content of other users, for example, by creating so-called "Retweets", liking posts, sharing posts, and replying when other users mention or tag ("tag") them in content.
When using or visiting the network and thus when visiting our Twitter account, Twitter automatically collects data from users or visitors during use or visit, such as username and IP address, using tracking technologies, particularly through the use of cookies. Twitter provides users with information, offers, and recommendations based on the data collected in this way. This information is used to provide us, the operators of our Twitter page, with statistical information about the use of the Twitter page. More detailed information can be found in Twitter's privacy policy: twitter.com/privacy
The statistical information transmitted does not enable us to draw conclusions about individual users. We use this information to cater to the interests of our users and continuously improve and ensure the quality of our online presence.
We collect your data via our fan page solely to facilitate communication and interaction with us. This collection typically includes your name, message content, comment content, and the profile information you have made "public."
The processing of your personal data for our mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel according to Art. 6 (1) f GDPR. If you, as a user, have given consent to the respective provider of the social network for data processing, the legal basis of the processing extends to Art. 6 (1) a, Art. 7 GDPR.
Given that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to have full access to your data. Therefore, the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The assertion of such rights is thus most effectively made directly to the respective provider.
We are jointly responsible with Twitter for the personal content of the fan page. Rights of affected individuals can be asserted with Twitter Inc. as well as with us.
Twitter primarily assumes responsibility according to the GDPR for the processing of Insights data, and Twitter fulfills all obligations under the GDPR with regard to the processing of Insights data. Twitter Inc. makes the essence of the Page Insights Supplement available to the affected persons.
We do not make decisions regarding the processing of Insights data and the storage duration of cookies on user devices.
For more information, including the exact scope and purposes of the processing of your personal data, the duration of storage/deletion, and guidelines on the use of cookies and similar technologies in the context of registration and use, please refer to Twitter's privacy and cookie policies:
Privacy Policy: twitter.com/privacy
Cookie Policy: help.twitter.com/rules-and-policies/twitter-cookies
LinkedIn is a social network operated by LinkedIn Inc., based in Sunnyvale, California, USA, which allows for the creation of private and professional profiles for individuals and company profiles. Users can maintain their existing contacts and make new ones within the social network. Companies and other organizations can create profiles to upload photos and other company information, presenting themselves as employers and hiring staff. Other LinkedIn users have access to this information and can write their own articles and share this content with others. The network focuses on professional exchange on specialist topics with people who have the same professional interests.
When using or visiting the network, LinkedIn automatically collects data from users or visitors during use or visit, such as username, job title, and IP address, using various tracking technologies. LinkedIn provides users with information, offers, and recommendations based on the data collected in this manner.
We collect your data via our company profile solely to facilitate communication and interaction with us. This collection typically includes your name, message content, comment content, and the profile information you have made "public."
The processing of your personal data for our mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel according to Art. 6 (1) f GDPR. If you, as a user, have given consent to the respective provider of the social network for data processing, the legal basis of the processing extends to Art. 6 (1) a, Art. 7 GDPR.
Given that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to have full access to your data. Therefore, the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The assertion of such rights is thus most effectively made directly to the respective provider.
We are jointly responsible with LinkedIn for the personal content of our company profile. Rights of affected individuals can be asserted with LinkedIn Inc. as well as with us.
We do not make decisions regarding the data collected by LinkedIn using tracking technologies.
For more information about LinkedIn, please visit: about.linkedin.com
For more information about LinkedIn's privacy policy, please visit: www.linkedin.com/legal/privacy-policy
and for information about cookies, see: www.linkedin.com/legal/cookie-policy
Nature and Scope of Processing
We utilize Plausible Analytics by Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of visits to our online offer, visited subpages, and the duration of visitors' stay. This information is used, among other things, to compile reports on website activity.
Plausible Analytics does not use cookies, store information in the browser, nor collect personal data from visitors.
Purpose and Legal Basis
The use of Plausible Analytics is based on your consent according to Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG.
Storage Duration
The specific storage duration of the processed data is not determined by us but by Plausible Insights OÜ. For more information, please refer to the Plausible Analytics data policy: plausible.io/data-policy
Nature and Scope of Processing
We utilize jQuery CDN for the proper delivery of the contents of our website. jQuery CDN is a service provided by jQuery that acts as a Content Delivery Network (CDN) on our website.
A CDN helps to deliver content of our online offer, especially files like graphics or scripts, faster through the use of regionally or internationally distributed servers. When you access these contents, you establish a connection to the servers of jQuery, during which your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the purposes mentioned above and to maintain the security and functionality of jQuery CDN.
Purpose and Legal Basis
The use of the Content Delivery Network is based on our legitimate interests, i.e., interest in a secure and efficient provision, as well as optimization of our online offer according to Art. 6 (1) lit. f GDPR.
Storage Duration
The specific storage duration of the processed data is not determined by us but by jQuery. For more information, please refer to the privacy policy for jQuery CDN: www.stackpath.com/legal/privacy-statement/
Nature and Scope of Processing
We have integrated Vimeo Video on our website. Vimeo Video is a component of the video platform of Vimeo, LLC, where users can upload content, share it over the internet, and receive detailed statistics.
Vimeo Video allows us to integrate content from the platform into our website.
Vimeo Video uses cookies and other browser technologies to evaluate user behavior, recognize users, and create user profiles. This information is used, among other things, to analyze the activity of the listened content and to compile reports.
When you access these contents, you establish a connection to the servers of Vimeo, LLC, 555 W 18th St, New York, New York 10011, during which your IP address and possibly browser data such as your user agent are transmitted.
Purpose and Legal Basis
The use of the service is based on our legitimate interests, i.e., interest in a platform-independent provision of content according to Art. 6 (1) lit. f GDPR.
Storage Duration
The specific storage duration of the processed data is not determined by us but by Vimeo, LLC. For more information, please refer to the privacy policy for Vimeo Video: vimeo.com/privacy
Nature and Scope of Processing
We have integrated YouTube Video on our website. YouTube Video is a component of the video platform of YouTube, LLC, where users can upload content, share it over the internet, and receive detailed statistics.
YouTube Video enables us to incorporate content from the platform into our website.
YouTube Video uses cookies and other browser technologies to evaluate user behavior, recognize users, and create user profiles. This information is used, among other things, to analyze the activity of the content listened to and compile reports. If a user is registered with YouTube, LLC, YouTube Video can assign the played videos to the profile.
When you access these contents, you establish a connection to the servers of YouTube, LLC, Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland, during which your IP address and possibly browser data such as your user agent are transmitted.
Purpose and Legal Basis
The use of the service is based on your consent according to Art. 6 (1) lit. a GDPR and § 25 (1) TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, particularly the USA. In cases where there is no adequacy decision by the European Commission (e.g., in the USA), we have agreed on alternative appropriate safeguards in the sense of Art. 44 ff. GDPR with the recipients of the data. These are, unless otherwise specified, EU Commission Standard Contractual Clauses according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these Standard Contractual Clauses can be viewed at eur-lex.europa.eu/legal-content/EN/TXT/HTML/
Furthermore, before such a transfer to a third country, we obtain your consent according to Art. 49 (1) sentence 1 lit. a GDPR, which you provide via the consent manager (or other forms, registrations, etc.). We inform you that there may be risks associated with data transfers to third countries (e.g., the processing of data by security authorities of the third country, whose exact scope and consequences for you we do not know, over which we have no influence, and of which you may not be informed) that are not known in detail.
Storage Duration
The specific storage duration of the processed data is not determined by us but by YouTube, LLC. For more information, please refer to the privacy policy for YouTube Video: policies.google.com/privacy