Privacy policy

Privacy policy

In this privacy statement, we explain which personal data we collect and otherwise process. This is not an exhaustive description; other data protection declarations [or general terms and conditions, conditions of participation and similar documents] may regulate specific matters. Personal data means all information that relates to an identified or identifiable person. If you provide us with personal data of other persons (e.g. family members, data of work colleagues), please make sure that these persons are aware of this privacy policy and only share their personal data with us if you are allowed to do so and if this personal data is correct.

We process personal data in accordance with Swiss data protection law such as, in particular, the Swiss Federal Act on Data Protection (Data Protection Act, DPA) and the Ordinance on Data Protection (Data Protection Ordinance, DPA).


Responsibility for the processing of personal data:
In individual cases, there may be other persons responsible for the processing of personal data.

Simon Keller AG
Dominic Keller

Lyssachstrasse 83 
CH-3400 Burgdorf


Collecting and processing personal data

We primarily process the personal data that we receive from our customers and other business partners in the course of our business relationship with them and other persons involved in it, or that we collect from their users in the operation of our websites, apps and other applications.

To the extent permitted, we also take certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, Internet) or receive such data from authorities and other third parties (such as credit agencies, address dealers). In addition to the data about you that you give us directly, the categories of personal data that we receive about you from third parties include, in particular, data from public registers, data that we learn in connection with official and legal proceedings, data in connection with your professional functions and activities (so that we can, for example, conduct business with your company with your help). (e.g. so that we can conclude and process transactions with your employer with your help), information about you in correspondence and meetings with third parties, creditworthiness information (insofar as we process transactions with you personally), information about you that is provided to us by people close to you (family, advisors, legal representatives, etc.). We may use this data to conclude or process contracts with you or involving you (e.g. references, your address for deliveries, powers of attorney, information on compliance with legal requirements such as anti-money laundering and export restrictions, information from banks, insurance companies, distributors and other contractual partners of ours on the use or provision of services by you (e.g. payments made, purchases made), information from the media and the Internet about you (where this is appropriate in the specific case, e.g. as part of a job application, press review, marketing/sales, etc.), your addresses and, where applicable, interests and other socio-demographic data (for marketing). e.g. in the context of an application, press review, marketing/sales, etc.), your addresses and, if applicable, interests and other sociodemographic data (for marketing), data in connection with the use of the website (e.g. IP address, MAC address of the smartphone or computer, information about your device and settings, cookies, date and time of visit, pages and content accessed, functions used, referring website, location information).

Purposes of data processing and legal basis

We use the personal data collected by us primarily to conclude and process our contracts with our customers and business partners, so in particular in the context of activities with our customers and the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations at home and abroad. If you work for such a customer or business partner, your personal data may of course also be affected in this capacity.
In addition, we also process personal data of you and other persons, to the extent permitted and deemed appropriate, for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
- Offer and further development of our offers, services and websites, apps and other platforms on which we are present;
- Communication with third parties and processing of their inquiries (e.g. applications, media inquiries);
- Testing and optimizing procedures for needs analysis for the purpose of direct customer contact as well as collecting personal data from publicly available sources for the purpose of customer acquisition;
- Advertising and marketing (including the organization of events), insofar as you have not objected to the use of your data (if we send you advertising as an existing customer of ours, you can object to this at any time; we will then place you on a blocking list against further advertising mailings);
- Market and opinion research, media monitoring;
- Assertion of legal claims and defense in connection with legal disputes and official proceedings;
- Prevention and investigation of criminal offenses and other misconduct (e.g., conducting internal investigations, data analyses to combat fraud);
- Guarantees of our operations, in particular IT, our websites, apps and other platforms;
- Video surveillance to maintain house rules and other measures for IT, building and facility security and protection of our employees and other persons and assets belonging to or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone recordings);
- Purchase and sale of business units, companies or parts of companies and other transactions under company law and the associated transfer of personal data, as well as measures for business management and insofar as necessary to comply with legal and regulatory obligations and internal regulations.
Insofar as you have given us consent to process your personal data for specific purposes (for example, when you register to receive newsletters or conduct a background check), we process your personal data within the scope of and based on this consent, insofar as we have no other legal basis and we require such a basis. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place.

Website use

Digital infrastructure / hosting

We use services from specialized third parties for digital infrastructure and website hosting.

PepperShop: Online store platform; Provider: Glarotech GmbH (Switzerland); Privacy policy information: Datenschutzerklärung.

We use extensions for our website to provide additional functionality..
We may collect the following information for each access to our website, provided that this information is transmitted by your browser to our server infrastructure or can be determined by our web server: Date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-page of our website accessed including amount of data transferred, website last accessed in the same browser window (referer or referrer).We store such information, which may also constitute personal data, in server log files. The information is necessary to provide our website permanently, user-friendly and reliable and to ensure data security and thus in particular the protection of personal data - also by third parties or with the help of third parties.
For security reasons and to protect the transmission of confidential content sent to the site operator, this website uses SSL or TLS encryption. This means that data transmitted via this website cannot be read by third parties. An encrypted connection can be recognized by the "https://" address line of the web browser and the lock symbol in the browser line.
In the case of data transmitted via the contact form, only contact data will be stored in order to be able to process inquiries or to be available for follow-up questions. This data will not be passed on without your consent. Data transmitted via the contact form will remain with us until you request us to delete it or there is no longer any need to store the data.
We typically use "cookies" and similar technologies on our website to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website. This allows us to recognize you when you return to this website, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your website visit ("session cookies"), cookies can also be used to store user settings and other information for a certain period of time ("persistent cookies"). However, you can set your browser to reject cookies, store them for one session only, or otherwise delete them early. Most browsers are pre-set to accept cookies. We use persistent cookies to remember user preferences (e.g., language, autologin) and to help us better understand how you use our offerings and content. Certain of the cookies are set by us, and certain are also set by contractors with whom we work. If you block cookies, certain functionalities (such as language selection, shopping cart, ordering processes) may no longer work.
Tracking pixels
We may use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels - also from third parties whose services we use - are small, usually invisible images that are automatically retrieved when you visit our website. With pixel counters, the same information can be collected as in server log files.


(Third-party services) The General Terms and Conditions (GTC) and Terms of Use as well as data protection declarations and other provisions of the individual operators of such platforms shall also apply in each case.
Notifications and communications
We send notifications and communications by email and via other communication channels such as instant messaging or SMS.
We also include visible and invisible image elements in some of our newsletters and other marketing emails, where permitted, which we retrieve from our servers to determine if and when you have opened the email so that we can measure and better understand how you use our offers and tailor them to you. You can block this in your email program; most are preset to do so. By using our website and agreeing to receive newsletters and other marketing emails, you consent to the use of these techniques. If you do not want this, then you must set your browser or e-mail program accordingly.
As a matter of principle, you must expressly consent to the use of your e-mail address and other contact addresses, unless such use is permitted for other legal reasons. For any consent, we use the "double opt-in" procedure where possible, i.e. you will receive an e-mail with a web link that you must click to confirm so that no misuse by unauthorized third parties can take place. We may log such consents including Internet Protocol (IP) address, date and time for evidence and security purposes.
We send notifications and communications using specialized service providers.
We use third-party services to embed selected fonts as well as icons, logos, and symbols on our website. «Datenschutz und Google Fonts» («Privacy and Google Fonts»)«Datenschutz und Datenerfassung».
Google Maps
This website may use the product Google Maps from Google Inc. By using this website, you consent to the collection, processing and use of automatically collected data by Google Inc, its representatives and third parties. The terms of use of Google Maps can be found under. «Nutzungsbedingungen von Google Maps».
Google Analytics
We sometimes use Google Analytics or similar services on our websites. This is a service provided by third parties that may be located in any country in the world (in the case of Google Analytics, it is Google Ireland (based in Ireland), Google Ireland relies on Google LLC (based in the USA) as an order processor (both "Google"),, with which we can measure and evaluate the use of the website (not on a personal basis). Permanent cookies are also used for this purpose, which are set by the service provider. We have configured the service so that the IP addresses of visitors are shortened by Google in Europe before being forwarded to the USA and thus cannot be traced. We have switched off the settings "Data forwarding" and "Signals". Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can draw conclusions about the identity of visitors from this data for its own purposes, create personal profiles and link this data to the Google accounts of these individuals. If you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then the responsibility of the service provider in accordance with its data protection provisions. The service provider only informs us how our respective website is used (no information about you personally).
Google Ads
This website uses the online marketing tool Google Ads by Google ("Google Ads"). Google Ads uses cookies to serve ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads more than once. Via a cookie ID, Google records which ads are displayed in which browser and can thus prevent them from being displayed more than once. In addition, Google Ads can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a Google Ads ad and later calls up the advertiser's website with the same browser and buys something there. According to Google, Google Ads cookies do not contain any personal information. Due to the marketing tools used, your browser automatically establishes a direct connection with Google's server. Through the integration of Google Ads, Google receives the information that you have called up the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is the possibility that Google learns your IP address and stores it. You have the option to prevent the storage of the cookie on your device by making the appropriate settings in your browser.
We are present on social media platforms and other online platforms in order to communicate with interested persons and to provide information about our activities and operations. In connection with such platforms, personal data may also be processed outside of Switzerland.


We engage in e-commerce and use third party services to successfully provide services, content or goods.


We use specialized service providers to process our customers' payments securely and reliably. The legal texts of the individual service providers, such as the General Terms and Conditions (GTC) or data protection declarations, also apply to the processing of payments.

Data transfer and data transmission abroad

We generally process personal data in Switzerland. However, we may also disclose or export personal data to other countries, in particular in order to process it or have it processed there.

We may disclose personal data to countries whose laws do not ensure adequate data protection, provided that adequate data protection is ensured for other reasons. Appropriate data protection may be ensured, for example, through appropriate contractual agreements, on the basis of standard data protection clauses or with other appropriate guarantees. Exceptionally, we may export personal data to countries without adequate or appropriate data protection if the special data protection requirements are met, for example the express consent of the data subjects or a direct connection with the conclusion or performance of a contract. We will be happy to provide data subjects with information about any guarantees or provide a copy of any guarantees upon request.

Data security

We take appropriate technical and organizational security precautions to protect your personal data from unauthorized access and misuse.For security reasons and to protect the transmission of confidential content sent to the site operator, this website uses SSL or TLS encryption. This means that data transmitted via this website cannot be read by third parties. An encrypted connection can be recognized by the "https://" address line of the web browser and the lock symbol in the browser line.We cannot guarantee absolute data security.Our digital communication - like all digital communication in principle - is subject to mass surveillance and other monitoring by security authorities in Switzerland, the rest of Europe, the United States of America (USA) and other countries without any reason or suspicion. We cannot directly influence the corresponding processing of personal data by secret services, police authorities and other security agencies.

Obligation to provide personal data

In the context of our business relationship, you must provide the personal data that is required for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations (you do not usually have a legal obligation to provide us with data). Without this data, we will generally not be able to enter into or perform a contract with you (or the entity or person you represent). Also, the website cannot be used if certain traffic-securing information (such as IP address) is not disclosed.

Rights of the data subject

We grant data subjects all rights in accordance with applicable data protection law. In particular, data subjects have the following rights:

Information: Data subjects may request information as to whether we process personal data about them and, if so, what personal data is involved. Data subjects also receive the information required to assert their data protection rights and to ensure transparency. This includes the personal data processed as such, but also, among other things, information on the purpose of processing, the duration of storage, any disclosure or export of data to other countries and the origin of the personal data.

Correction and restriction: Data subjects can have incorrect personal data corrected, incomplete data completed and the processing of their data restricted.

Deletion and objection: Data subjects can have personal data deleted ("right to be forgotten") and object to the processing of their data with effect for the future.

Data release and data transfer: Data subjects may request the surrender of personal data or the transfer of their data to another data controller.We may suspend, limit or refuse the exercise of data subjects' rights to the extent permitted by law.
We can inform data subjects of any requirements that must be met in order to exercise their rights under data protection law. For example, we may refuse to provide information in whole or in part with reference to business secrets or the protection of other persons. We may, for example, also refuse to delete personal data in whole or in part with reference to statutory retention obligations.We may exceptionally provide for costs for the exercise of rights. We are obliged to take appropriate measures to identify data subjects who request information or assert other rights. Data subjects are obliged to cooperate.
We may exceptionally provide for costs for the exercise of rights. We will inform data subjects in advance of any costs.
We are obliged to take appropriate measures to identify data subjects who request information or assert other rights. Data subjects are obliged to cooperate.
Right of appeal
Data subjects have the right to enforce their data protection claims through legal channels or to lodge a complaint with a competent data protection supervisory authority.Data protection supervisory authority for private data controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).


We may amend this privacy policy at any time without prior notice. The current version published on our website shall apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.