Privacy Policy

When you use our Website or Services, we may collect or receive personal data for a variety of purposes related to our business operations. This may include the following:

• Data relating to enquiries (e.g. details of your enquiry and related communications)
• Contact details (e.g. name, address, email addresses, telephone numbers)
• Login data (e.g. password, username, session)
• Contract data (e.g., account numbers, invoices, products ordered)
• Website visitor data (e.g., IP addresses, log files)
• Purchase information (e.g., type and specification of goods or services purchased, delivery information, contact details)

We collect information about our users when they use our website or services, including certain actions on the website.

Directly

• When you or your organization offer or provide services to us.
• When you or your organization use our services.
• When you correspond with us electronically.
• When you or your organization browse our website, fill out a form, make an inquiry, or otherwise interact with us.

Indirectly

• From public sources; from public registers (e.g., commercial registers), news articles, and internet research.
• From third parties such as social media plugins and third-party cookies.

Our legal basis for collecting and using the personal data described in this privacy policy depends on the personal data we collect and the specific purposes for which we collect it.

Contract: To fulfill our contractual obligations or take steps in connection with a contract with you. In particular:

• To provide our services.
• To offer you our goods.

Consent: We may rely on your consent, which you voluntarily gave at the time you provided your personal data. In particular:

• To provide users with news, special offers, newsletters, and general information about the goods and services we offer.

Legitimate interests: We may rely on legitimate interests based on our assessment that the processing is fair and reasonable and does not override your interests or fundamental rights and freedoms. Specifically:

• To maintain and improve our website and services.
• To develop new services.

Necessity to comply with legal obligations: To fulfill legal and public interest obligations. Specifically:

• To comply with applicable regulations and laws.
• To enforce claims and rights in court.

3.1 Newsletter

We may send newsletters and other notifications by email and other communication channels. We may have newsletters and other notifications sent by third parties or send them with the help of third parties.

In principle, you must expressly consent to the use of your email address and other contact addresses, unless the use is permitted for other legal reasons. For emails, we use the "double opt-in" method for consent, i.e., you will receive an email with a web link that you must click on to confirm your consent, so that no misuse by unauthorized third parties can occur. We may log such consents, including Internet Protocol (IP) address, date, and time.

Newsletters and other notifications may contain web links or tracking pixels that record whether an individual newsletter or notification has been opened and which web links have been clicked (performance measurement). Such web links and tracking pixels record the use of newsletters and other notifications. We need this statistical recording of usage, including success and reach measurement, in order to be able to offer newsletters and other notifications in an effective and user-friendly manner, as well as permanently, securely, and reliably, based on the reading habits of the recipients.

You can unsubscribe from newsletters and other notifications at any time and thus object to the aforementioned usage survey in particular. You can do this by contacting us directly or by following the link in the footer of each newsletter we send you.

The company may engage third-party companies ("service providers") to facilitate the operation of our website, assist in analyzing website usage, or provide services related to the website and our offerings to you, such as payment and the provision of IT infrastructure services. These third parties only have access to the user's personal data to the extent necessary to perform these tasks on behalf of the company.

Categories of service providers who may access your personal data:

• Tax advisors and insurance companies
• Banks and payment service providers
• Professional advisors we use, such as auditors and lawyers
• Other group companies within our corporate group
• Third-party providers who help us analyze customer insights, such as marketing service providers or Google Analytics
• Government or regulatory authorities

We and/or service providers may transfer your personal data to the following locations and process it there:

• EU/EEA
• USA

We may use service providers who are located in so-called third countries (outside the European Union or the European Economic Area or Switzerland) or who process personal data there, i.e. in countries whose level of data protection does not correspond to that of the EU or Switzerland. We protect your personal data in accordance with our contractual obligations and applicable data protection laws when we transfer data abroad.

Such protective measures may include:

• transfer to countries that offer an adequate level of protection according to the country lists published by the Federal Data Protection and Information Commissioner, as well as countries for which an adequacy decision has been issued by the European Commission;
• application of standard contractual clauses, binding corporate rules, or other standard contractual obligations that ensure adequate data protection.

If a transfer to a third country takes place and there is no adequacy decision or suitable safeguards, it is possible and there is a risk that authorities in the third country (e.g., secret services) may gain access to the transferred data and that the enforceability of the rights of data subjects cannot be guaranteed.

We may disclose your personal data if we believe in good faith that such action is necessary:

• To comply with a legal obligation (i.e., if required by law or in response to legitimate requests from authorities such as a court or government agency);
• To protect the security of the website and defend our rights or property;
• To prevent or investigate possible misconduct in connection with us;
• To defend ourselves against legal liability.

We use appropriate technical and organizational security measures to protect your stored data from manipulation, loss, or unauthorized access by third parties. Our security measures are continuously adapted in line with technological developments.

We also take internal data protection very seriously. Our employees and the service providers we commission are obliged to maintain confidentiality and comply with the applicable data protection laws. Furthermore, they only have access to personal data to the extent necessary for the performance of their respective tasks or assignments.

The security of your personal data is important to us, but please bear in mind that no method of transmission over the Internet or electronic storage is 100% secure. Although we strive to protect your personal data with commercially reasonable means, we cannot guarantee absolute security. We recommend the use of antivirus software, a firewall, and other similar software to protect your system.

You have the following data protection rights. To exercise these rights, you can contact us at the above address or send an email to: mungo@mungo.swiss. Please note that we may ask you to verify your identity before responding to such requests.

• Right of access: You have the right to request a copy of your personal data, which we will provide to you in electronic form.
• Right to rectification: You have the right to ask us to correct our records if you believe they contain incorrect or incomplete information about you.
• Right to withdraw consent: If you have consented to the processing of your personal data, you have the right to withdraw that consent with effect for the future. This also applies if you wish to unsubscribe from marketing communications. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose(s) to which you originally consented, unless there is another legal basis for the processing. To stop receiving emails from us, please click on the “Unsubscribe” link in the email you received or contact us at rmungo@mungo.swiss.
• Right to erasure: You have the right to request that we erase your personal data if it is no longer necessary for the purposes for which it was collected or if it has been processed unlawfully.
• Right to restriction of processing: You have the right to request the restriction of the processing of your personal data if you believe that the data is inaccurate, the processing is unlawful, or we no longer need to process the data for the original purpose, but we cannot delete it due to a legal obligation or because you do not wish us to do so.
• Right to data portability: You have the right to request that we transfer your personal data in a standard format such as Excel to another controller, provided that the data is data that you have provided to us and we process it on the legal basis of your consent or to fulfill our contractual obligations.
• Right to object to processing: If the legal basis for the processing of your personal data is our legitimate interest, you have the right to object to this processing on grounds relating to your particular situation. We will comply with your request unless we have a compelling legal basis for the processing that outweighs your interests, or we need to continue processing the personal data to exercise or defend a legal claim.
• Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates data protection law. You are entitled to contact the competent supervisory authority – in Switzerland, the Federal Data Protection and Information Commissioner, Feldeggweg 1, CH – 3003 Bern, info@edoeb.admin.ch.

Our website may contain links to websites or apps that are not operated by us. If you click on a third-party link, you will be redirected to that third party's website or app. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.

We maintain online presences on social networks in order to communicate with customers and interested parties and to provide information about our products and services, among other things. If you have an account with the same network, it is possible that the information and media you make available there may be viewed by us, for example when we visit your profile. In addition, the social network may enable us to contact you. The communication of content via the social network and the processing of content data is the responsibility of the social network. As soon as we transfer personal data to our own system, we are independently responsible for it. This is done for the purpose of implementing pre-contractual measures and fulfilling a contract. Please refer to the privacy policies of the social networks for the legal basis of the data processing carried out by them on their own responsibility.

Our website uses the Google Maps map service, which is provided for people in Switzerland and the European Economic Area by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland. In order for the Google map material we use to be integrated, your web browser must connect to a Google server, which may also be located in the US, when you visit our website. By integrating the map material, Google receives information that a page on our website has been accessed from the IP address of your device.

Our website uses the YouTube video service, which is offered to people in Switzerland and the European Economic Area by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Grand Canal Dock, Dublin 4, D04 V4X7, Ireland. When you visit a page on our website with an embedded YouTube video, your browser connects to YouTube's servers, transferring your personal data—e.g., IP address, technical information about your browser type and operating system, activities you perform on our website—to YouTube servers, which may also be located in the US, regardless of whether you have a YouTube account or not. In addition, YouTube is able to track your behavior as soon as you start watching the videos. If you watch YouTube videos on our website while logged into your YouTube profile, your behavior while watching our embedded YouTube video may also be linked to your YouTube account. If you do not want this to be associated with your YouTube profile, you must log out of YouTube before visiting our website.

We may update our privacy policy from time to time. We therefore recommend that you check this privacy policy regularly for changes. Changes to this privacy policy will take effect when they are published on this page.

If you have any questions about this privacy policy, please contact our data protection officer:

Andreas Homann

MUNGO Befestigungstechnik AG

E-mail: andreas.homann@mungo.swiss

He will be happy to assist you as your contact person.