Privacy Policy
Summary and content
Scope of application and consent
CT&T Medical GmbH is the operator of this website (hereinafter the "Website") and the data controller. This privacy policy describes the collection, use, disclosure, storage and protection of your personal data. It applies to this Website and to all applications, services or tools (collectively "Services") in which reference is made to this Privacy Policy, regardless of how you access or use the Services, including access via mobile devices. By using our Services and/or creating an account, you accept the terms of this Privacy Policy and you consent to the collection, use, disclosure, storage and protection of your personal information as described in this Privacy Policy.
Global data protection principles
This website is part of CT&T Medical GmbH. CT&T Medical GmbH has company-wide guidelines for the protection of your personal data, which are referred to as Binding Corporate Rules, BCRs. With these, we are committed to protecting your personal data and complying with our data protection obligations, regardless of where your personal data is collected, processed or stored in our group of companies.
Data collection
We collect, process and store personal data from you and the devices (including mobile devices) you use when you create an account with us, use our services, provide us with information via a web form, subscribe to our newsletter, add or update information to your account, order from us as a guest or contact us in any other way. We also use plug-ins to process payment transactions.
Use and storage
We use the personal data we collect for the following purposes: to provide and improve our services, to deliver orders to you, to contact you and to provide you with customer services. We retain personal data from active accounts for as long as it is necessary and essential for the provision of our services. In addition, we may retain personal information about closed accounts if required to do so by applicable law, to prevent fraud, to enforce claims, to troubleshoot problems, to assist with investigations, or to take other actions permitted or required by applicable law.
Choices
You can choose how we may use your personal data to contact you and send you marketing communications (newsletters).
Information, correction and deletion
Our aim is to ensure that the personal data we collect is accurate and up to date. We offer you the opportunity to access and update your data. You also have a statutory right of access and erasure in relation to your personal data.
Disclosure of information
We may disclose your personal data to third parties. Such disclosure may be necessary to provide you with access to our services, to comply with legal obligations, to enforce our Terms and Conditions, to enable our marketing and promotional activities, or to prevent, detect, mitigate and investigate fraudulent or illegal activities. We will not share your personal data with third parties for their marketing and promotional purposes without your express consent.
Data security
We use technical and organizational security measures to protect your data in order to minimize risks in connection with its loss, misuse, unauthorized access, unauthorized disclosure and modification. For example, we use firewalls and data encryption, physical access restrictions for our data centers and authorization controls for data access.
Questions or complaints
If you have any questions or complaints about this privacy policy or our handling of data, or if you would like to make a request for information or deletion, please contact us by e-mail at gdpr@chinatrading.ch or contact us using the contact form on our website. You can also contact us in writing: CT&T Medical GmbH, Pfarrmatte 6, 8807 Freienbach, Switzerland.
The company data protection officer of CT&T Medical GmbH can be contacted at the above address or at (gdpr@chinatrading.ch).
More detailed information
Scope of application and consent
This privacy policy describes the collection, use, disclosure, storage and protection of your personal data. It applies to this website and to all applications, services or tools (collectively "Services") in which reference is made to this Privacy Policy, regardless of how you access or use the Services, including access via mobile devices.
By using our Services and/or creating an account, you accept the terms of this Privacy Policy and you consent to the collection, use, disclosure, storage and protection of your personal data as described in this Privacy Policy. If you do not provide us with the data we require, we may not be able to provide you with all of our services.
CT&T Medical GmbH, Pfarrmatte 6, 8807 Freienbach is the controller of your data and is responsible for the collection, use, disclosure, storage and protection of your personal data in accordance with our privacy policy and applicable law.
Personal data
"Personal data" means information that can be assigned to a specific person or used to identify that person, regardless of whether this assignment or identification is made directly on the basis of this data or on the basis of this data and other additional information to which CT&T Medical GmbH has or is likely to have access. We do not consider data to be personal data if it has been anonymized or aggregated so that it can no longer be used in combination with other information or in any other way to identify a specific person.
Changes to this Privacy Policy
In the event of changes to this Privacy Policy, we will publish the amended Privacy Policy and the effective date of the amended Privacy Policy on this website. We therefore recommend that you read the privacy policy at regular intervals. We will only make changes that affect consent you have given by obtaining your consent again.
Our data protection principles
This website is part of CT&T Medical GmbH. CT&T Medical GmbH also operates the webshop on other country-specific domains. Our data protection principles, set out in our data protection guidelines and in addition in the data protection guidelines, apply to the entire business area.
Data collection
We collect, process and store personal data from you and the devices (including mobile devices) you use when you set up an account with us, use our services, provide us with information via a web form, subscribe to our newsletter, add or update information to your account, order from us as a guest or contact us in any other way. We also use plug-ins to process payment transactions.
The personal data that you provide to us when using our services or setting up an account with us may include the following:
-
Data that personally identifies you, such as your name, addresses, phone numbers, email addresses or user ID (if applicable) that you provide when you set up your account with us.
-
Other content that you generate or that relates to your account, e.g. payment information (e.g. credit card or bank account numbers).
-
In certain cases, you provide your age and gender when using our services.
-
Data you provide through a web form, by updating or adding data to your account or when we communicate with you for other reasons.
-
Recordings of telephone conversations, provided that your consent to the recording has been obtained in accordance with applicable law.
-
Data that we are required or authorized to collect and process under applicable national law and that we need for your authentication, identification or to verify the data we have collected.
The personal data that we automatically collect when you use our services or create an account with us may include the following:
-
Data collected from the devices you use when you interact with us, such as device ID or unique user ID, device type, ID, user's operating system.
-
Geolocation data, including location data from your mobile device. Please note that most mobile devices allow you to control the use of location data through an application in the settings menu of the mobile device.
-
Computer and connection information, such as statistical information about your page views, date and time of access, information about traffic to and from websites, referral URL, information about advertisements, your IP address, your browser history data and your weblog information.
Table 1: Cookies
COOKIE name / COOKIE description
XSRF-TOKEN / A security cookie used to prevent Cross-Site Request Forgery (CSRF) attacks.
_wixAB3 / Tracks A/B testing variations to optimize the website experience.
_wixCIDX / Stores a unique user ID for session identification and analytics.
_wixUIDX / A unique identifier used to recognize returning visitors.
_wix_browser_sess / Tracks the active browser session.
consent-policy / Records the user's cookie preferences, such as essential, functional, analytics, and advertising consent.
hs / Ensures the security of the session.
svSession / Stores the session ID for user authentication and session-related information.
userType / Indicates the type of user (e.g., "REGISTERED").
wixClient / Stores information about the user's login and activity on the Wix platform.
wixLanguage / Stores the selected language for the website.
wixSession2 / A secure session cookie containing user authentication and settings information.
Data about the pages you visit, the links you click on and other actions you take on our services and in our advertising or email content.
Cookies are used on the websites and mobile applications. A cookie is a short text file that is stored on your device and is used to analyze the use of a website or mobile application and to save settings between visits to a website or mobile application. Cookies do not contain any personal data. Most browsers are set to accept cookies automatically. However, you are free to set your browser so that cookies are generally rejected by selecting "do not accept cookies" in your browser settings. In this case, however, you may not be able to use all functions of the website and our services to their full extent.
To analyze the use of the websites and mobile applications, we also use various analysis tools (hereinafter referred to as "tool providers") that use cookies, including Google Analytics, a web analysis service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94.043 USA (for more information on Google Analytics and how to deactivate the service, please visit: https://tools.google.com/dlpage/gaoptout/). The information generated by the cookies about your use of this website or mobile applications is transmitted to a server of the relevant tool provider and stored there. This server may be located outside Switzerland (in the case of Google Analytics in the USA). The tool providers use this information to evaluate the use of the websites or mobile applications, for example to compile reports on website activity for us and for the members of the CT&T Medical group of companies and to provide other services relating to website activity and internet usage. This information may be passed on to third parties if this is required by law or if third parties process this data on behalf of the tool providers. Google has submitted to the Privacy Shield Framework. You can find more information about your rights in this regard at http://ec.europa.eu/justice/data-protection/document/citizens-guide_en.pdf. We assume no responsibility or liability for any data processing by external tool providers.
We may use technologies that are considered automated decision making or profiling. We will not make automated decisions about you that would significantly affect you unless such a decision is required under a contract we have with you, you have given your consent or we are required by law to use such technologies.
We would like to point out that payment experience, in particular regarding undisputed claims and claims that remain unpaid after they become due, as well as any debt enforcement information and address data, will be transmitted to CRIF AG in Zurich for lawful use as a credit agency. CRIF will use the data to check your identity and creditworthiness and disclose it to authorized third parties. The payment histories may be analyzed by CRIF on the basis of mathematical-statistical calculation methods for automated decision-making, in particular for the assessment of a person's creditworthiness. You can find more information at: www.mycrifdata.ch/#/dsg
Further information on our use of these technologies (including the "SZMnG" procedure for measuring reach) and how they can be restricted can be found in our statement on cookies, web beacons and similar technologies.
Personal data from other sources may include the following:
Information we obtain from third parties, such as demographic data that is publicly available, additional contact details, credit check data and information from credit reference agencies, to the extent permitted by applicable national law.
Information from social networks that we use to enable you to create an account, share information or connect your account to the relevant social network. These social networks may automatically provide us with access to certain personal data stored about you (e.g. content you have viewed, content you have liked and information about the advertisements you have seen or clicked on, etc.). If you give us access to a website with video content, you agree that we may share your viewing of videos with that social network or collect information about your viewing of videos from that social network for at least two (2) years or until you withdraw your consent. You control which personal data we can access via the privacy settings on the website of the respective social network and via the authorizations you give us when granting access. By granting us access to the information stored on the website of the respective social network, you agree that we may collect, use and store it in accordance with this privacy policy.
Information that other users may provide about you. Our policies require that the user providing information must inform the person whose information is being provided of our collection, use, disclosure and retention policies before the information is provided and obtain the express prior consent of that person.
Use and storage
We use the personal data we collect for the following purposes:
-
To provide and improve our services
-
To contact you and to provide you with customer services
-
To detect, prevent and investigate fraudulent or unlawful activity and where you have expressly consented to this, to send marketing communications
We retain personal data from active accounts for as long as it is necessary and essential for the provision of our services. In addition, we may retain personal information about closed accounts if required to do so by applicable law, to prevent fraud, to enforce claims, to troubleshoot problems, to assist with investigations, or to take other actions permitted or required by applicable law.
We use personal data for the purpose of providing, improving and personalizing our services, for example
-
To fulfill the contract concluded with you, to grant access to and use our services, in particular to publish advertisements and other user content
-
To display website content that includes services and articles that you may like
-
To access your history, internal messages (where applicable) and other features we offer
-
To provide credit offers and opportunities through other members of our group of companies and with their financial institution partners. In doing so, we ensure that we will only share financial information with the cooperating financial institutions with your explicit consent
-
To customize, measure and improve our services
-
To provide additional services requested by you
We may use geolocation data to provide you with location-based services (such as advertisements, search results and other personalized content)
We use personal data to contact you about your account and to provide customer service, for example
-
To contact you about your account, to resolve problems with your account and to enforce claims arising from the purchase of goods
-
To enforce applicable law or agreements we have with you
For these purposes, we may contact you by email, telephone, SMS or post
We use personal data to personalize our advertisements and marketing communications, for example
-
To personalize, evaluate and improve our advertisements
-
Where you have given your consent (or where permitted by law), we will use the contact details you provide to contact you by email, SMS, telephone or post to offer you discounts and promotions and to inform you about our services and those of our group of companies
-
To provide targeted marketing campaigns, service updates and promotional offers
We use personal data to prevent, detect, mitigate and investigate fraudulent and/or unlawful activities, for example
-
To prevent, detect, mitigate and investigate fraud, security breaches and potentially prohibited or unlawful activities
-
To enforce our Privacy Policy and other policies and guidelines
Retention of personal data:
We retain personal information from active accounts for as long as it is necessary for our operations or for other necessary purposes. We may retain personal information about closed accounts as necessary to comply with national law, prevent fraud, enforce our claims, troubleshoot problems, assist with investigations and take other actions permitted or required by applicable national law. When it is no longer necessary for us to retain your personal data, we will destroy it in a secure manner.
Choices
You can choose how we may use your personal data to contact you and send you marketing communications.
Preferences for marketing communications
If you do not wish to receive marketing communications or contact from us for marketing purposes, you can unsubscribe via the link in the email you receive or via the communication preference options in your account.
Advertisements
If you do not wish to receive personalized advertisements, you can opt-out or withdraw your consent using the programs described in our Cookies, Web Beacons and Similar Technologies Policy. As a result, you will no longer receive personalized advertising in the future, but personal data may still be collected as described in this privacy policy.
Further information on the display of personalized advertisements on our and third-party websites and how you can deactivate them can be found in our statement on cookies, web beacons and similar technologies.
Disclosure of information
We may share your personal data with other members of the CT&T Medical group of companies or third parties. Your personal data may be passed on to third parties who process it on our behalf as vicarious agents or for the provision of certain services, whereby data may also be transferred abroad. We ensure that the transferred personal data is adequately protected.
Such data transfer may be necessary to enable you to access our services, to comply with legal obligations, to enforce our General Terms and Conditions, to enable our marketing and advertising activities or to prevent, detect, contain and investigate fraudulent or unlawful activities. We limit the amount of personal data we share to what is directly relevant and necessary to achieve the stated purpose.
We do not share your personal data with third parties for their marketing and advertising purposes without your express consent.
We may disclose your personal data to the following third parties:
-
To members of the CT&T Medical group of companies who may use it for the following purposes:
-
To provide shared content and services (such as new registration, transactions and customer service)
-
To detect and prevent potentially fraudulent and unlawful activities and data security breaches
-
To provide personalized advertisements, improve their products, websites, applications, services, tools and marketing communications. However, members of the CT&T Medical group of companies will not send you marketing communications unless you have consented to receive them.
To third party service providers and financial institution partners who may use them for the following purposes:
-
To help us provide our services, payment processing services and personalized advertising
-
To enable delivery of purchased items and other delivery-related communications
-
To assist us in preventing, detecting, mitigating and investigating potentially unlawful activity, violations of our Terms and Conditions, fraud and/or security breaches, in connection with invoice collection, affiliate and rewards programs and other business transactions
-
If we also transfer personal data to third-party providers, this is done exclusively on the basis of a contract that restricts the use of the personal data by the third-party provider and obliges them to implement security measures in relation to this data. In particular, third-party providers are not permitted to sell, rent or in any other way pass on your personal data to third parties. In the case of transmission to members of our group of companies, such restrictions result from our joint binding corporate rules (see above).
To law enforcement authorities, to third parties in the context of legal proceedings and to legally authorized third parties:
-
To comply with our legal obligations, to defend legal claims, or to protect the rights, property or safety of third parties
-
To law enforcement authorities, government agencies or authorized third parties in response to a request for information in connection with a criminal investigation or suspicion of a crime, unlawful activity or other activity that may result in legal liability for us, you or another user
-
To rights holders who have entered into a confidentiality agreement with us in connection with an investigation of fraud, intellectual property infringement, product piracy or other unlawful activity, where we, in our sole discretion, deem it necessary or appropriate to do so
-
To credit reference agencies where permitted by applicable national law
-
To third parties involved in legal proceedings, if they provide us with a legal order, court order or equivalent legal order, or if we believe in good faith that disclosure of the data is necessary to avert imminent danger to life and limb or financial loss or to report a suspected unlawful act
Change of ownership
In the event of a merger with or acquisition by another company, we may share information with that company in accordance with our privacy policy. If such an event occurs, we will require the new combined company to comply with this Privacy Policy with respect to your personal information. If your personal data is collected, used, disclosed or stored for any purposes not set out in this Privacy Policy, you will be informed in advance of the processing of your personal data for these new purposes.
Data security
We protect your data with technical and organizational security measures in order to minimize risks in connection with loss, misuse, unauthorized access, unauthorized disclosure and modification. For example, we use firewalls and data encryption, physical access restrictions for our data centers and authorization controls for data access. If you suspect that your account has been misused, please contact us immediately and follow the instructions in the contact information section below.
Although we use all reasonable means to prevent the disclosure of data due to errors in data transmission and/or unauthorized access by third parties, we cannot accept any liability for such undesirable events.
Information, correction and deletion
Our aim is to ensure that the personal data we collect is correct and up to date. We offer you the opportunity to access and update your data.
You can access, review and change your personal information by logging into your account. Please update your personal data immediately if it changes or is incorrect.
Once you have posted something on the website, you may not be able to change or remove it. If you send us a deletion request, we will close your account and remove your personal data from public areas as soon as reasonably practicable based on your account activity and in accordance with applicable law.
Your legal right to access, correct or delete your personal data remains unaffected. The Data Protection Act grants you the right to know free of charge whether and what personal data we store about you. In particular, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period and the origin of your data if it was not collected by us. You have the right to object to the processing of your personal data by us. You can also ask us to delete your personal data or restrict its use. You also have the right to have incorrect data corrected and deleted.
You can send requests for information and deletion to gdpr@chinatrading.ch or contact us using the contact form on our website. You can also contact us in writing: CT&T Medical GmbH, Pfarrmatte 6, 8807 Freienbach, SwitzerlandThe company data protection officer of CT&T Medical GmbH can be contacted at the above address or at (gdpr@chinatrading.ch) .
If you have a legal right to information, correction or deletion of your personal data, we may, under certain circumstances and in accordance with applicable law, refuse to providesuch information or refuse to correct or delete your personal data. In these cases, however, we will give you our reasons for doing so.
If you withdraw your consent to the use or disclosure of your personal data for the purposes set out in this Privacy Policy, we may no longer be able to provide you with access to all of our services or provide customer service.
Important information
This section contains some additional important information related to your use of our Services that we need to address:
Unsolicited and threatening emails
We do not tolerate abuse of our services. You are not allowed to add other users to your email distribution lists, call them for commercial purposes or send them SMS messages for commercial purposes, even if the user has made a purchase from you, unless the user has given their express consent. Sending unsolicited or threatening e-mail or SMS messages is a violation of our Terms and Conditions.
Please report such spam or fraudulent emails to Customer Service.
Messaging tools
You may not use our messaging tools to send spam or other content that violates our Terms of Service. We automatically scan messages sent via these tools and may manually filter them to check for spam, viruses, phishing attacks and other malicious activity, illegal or prohibited content and block the message as a whole or the prohibited content if necessary. However, we do not permanently store the messages sent via these tools.
Data protection rules of third parties
This privacy policy only applies to the use and disclosure of personal data that we collect from you. If you disclose your data to third parties or if you are redirected to the website of a third party, their privacy policy applies. We cannot guarantee the confidentiality or security of your data after you have passed it on to a third party. We therefore recommend that you carefully review the privacy statements and data security policies of your trading partners before you carry out a transaction and pass on your data, even if this third party is a buyer or seller on our websites.
Questions or complaints
If you have any questions or complaints about this Privacy Policy or our handling of data, or if you wish to make a request for information or deletion, please contact us by e-mail at gdpr@chinatrading.ch or contact us via the contact form on our website. You can also contact us in writing: CT&T Medical GmbH, Pfarrmatte 6, 8807 Freienbach, Switzerland.
The company data protection officer of CT&T Medical GmbH can be contacted at the above address or at (gdpr@chinatrading.ch).