Imprint and Data Privacy

1. What is this privacy policy about?

Protecting and guaranteeing the security and confidentiality of the data that Leu Numismatik AG receives in the course of its business activities is extremely important to Leu Numismatik AG (hereinafter also “we”, “us”). In the course of our business activities, we obtain and process data concerning you or other persons (so-called “third parties”). The data we process relates to information about you and/or facts and things concerning you (“Data”).

The following privacy policy applies to all services, products, websites operated directly and/or indirectly by us (“our website”), apps and other services provided by us, our affiliates and our brands. For our services and our business activities, it is necessary to collect, record, organise, arrange, store, adapt, modify, read out, query, use, transmit, analyse, disseminate, delete and/or destroy data, in each case with or without the aid of automated processes (“processing” or “process”).

We strive to protect the security and confidentiality of data that we receive, obtain from publicly available sources and/or otherwise process in the course of our business.

We process data in accordance with Swiss law. Under certain circumstances foreign law may apply, in particular the General Data Protection Regulation of the European Union (hereinafter “GDPR”).

We undertake to comply with all relevant legal requirements and, as far as legally possible, also oblige our employees and third parties who process data on our behalf to do so, but without accepting any liability for this, as far as legally possible.

2. Who is responsible for processing your data?

Leu Numismatik AG, Stadthausstrasse 143, 8400 Winterthur is responsible for the processing of data, unless otherwise communicated in individual cases. Questions and requests regarding the processing of data should be sent in writing to the following address:

Leu Numismatik AG
Stadthausstrasse 143
CH-8400 Winterthur
info@leunumismatik.com

3. What data do we process?

We process different categories of data about you. The main categories are as follows:

• Contract data: This is data that arises in connection with the conclusion or processing of a contract, e.g. information about contracts and the services provided or to be provided, data from the run-up to the conclusion of a contract, the information required or used for processing and information about reactions. We usually store this data for 10 years from the last contract activity, but at least from the end of the contract.
• Technical data: When you use our website or other electronic offers, we automatically collect the IP address of your terminal device and other technical data to ensure the functionality (ensuring a smooth connection set-up and the best possible use of the website, continuous improvement and security (evaluation of system security and stability)) of these offers. The following data is temporarily stored in log files: IP address of the requesting end terminal, date and time of access, name and URL of the accessed file, website from which the access is made (so-called referrer URL), name of the access provider and general transmitted information about the device type and operating system of your end terminal and the browser type and browser version used (such as the geographical origin, language setting, add-ons used, screen resolution, etc.). We usually store technical data for 26 months. In order to ensure the functionality of these offers, we may also assign an individual code to you or your end terminal (e.g. in the form of a cookie, see section 11). The technical data in itself does not allow any conclusions to be drawn about your identity. However, in the context of user accounts, registrations, access controls or the processing of contracts, they may be linked to other categories of data (and thus possibly to your person).
• Registration data: Certain offers and services (e.g. login areas of our website, newsletter dispatch, etc.) can only be used with a user account or registration, which can be made directly with us or via our external login service providers. In doing so, you must provide us with certain data (double opt-in procedure), and we collect data on the use of the offer or service. Access controls to certain facilities may generate registration data. We usually store registration data for 3 months after the end of the use of the service or the termination of the user account.
• Communication data: When you contact us via the contact form, email, phone or chat, by letter or other means of communication, we collect the data exchanged between you and us, including your contact details and the boundary data of the communication. If we want or need to establish your identity, we collect further data to identify you (e.g. a copy of an ID). We usually store this data for 3 months from the last exchange with you. This period may be longer insofar as this is necessary for reasons of proof or to comply with legal or contractual requirements, or is technically required. Emails in personal mailboxes and written correspondence are generally retained for at least 10 years.
• Master data: We refer to the basic data that we require in addition to the contractual data (see below) for the processing of our contractual and other business relationships or for marketing and advertising purposes as master data. This includes, for example, name, contact data and information, e.g. about your role and function, your bank account(s) (particularly relevant for customers who are consignors), your date of birth, customer history, powers of attorney, signature authorisations and declarations of consent. We generally store this data for 10 years from the last exchange with you, but at least from the end of the contract.
• Other data: We also collect data from you in other situations. In connection with official or judicial proceedings, for example, data is generated (such as files, evidence, etc.) that may also relate to you. The retention period of this data depends on the purpose, and is limited to what is necessary.

Much of the data mentioned in this section 3 is provided by you. Subject to individual cases, you are not obliged to do so. If you wish to enter into contracts with us or make use of our services, you must also provide us with data, in particular master data, contract data and registration data, as part of your contractual obligation under the relevant contract. When using our website, the processing of technical data is unavoidable. If you wish to gain access to certain systems, you must provide us with registration information.

To the extent permitted by law, we also take data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, media or the internet incl. social media), or receive data from authorities and from other third parties (such as credit agencies, address dealers, associations, contractual partners, internet analysis services, etc.).

4. For what purposes do we process your data?

The processing of data by us is carried out for the establishment, management and execution of contractual relationships and in order to be able to offer and perform our services for you in high quality. Furthermore, data is processed for the development, offering, further development and design of our services and products, for internal training purposes and quality control, for the maintenance and development of customer relationships, for expansion into other business areas, for obtaining quotes from insurance companies and other service providers, for advertising and marketing purposes, for preventing, detecting and combating misuse, for responding to justified official enquiries, for the purpose of contract processing, generally for the purpose of other commercial interests of ourselves and/or in connection with credit checks and collection activities, as well as with the enforcement of claims or other legal disputes which concern us or in which we have a legitimate interest or in which we are involved.

We may also process your data for security and access control purposes. In addition, we process your data to comply with laws, directives and recommendations from authorities and internal regulations (“Compliance”).

We also process data for the purposes of our risk management and as part of prudent corporate governance, including business organisation and corporate development.

Furthermore, we process your data for purposes related to communication with you, in particular to respond to enquiries and to assert your rights (section 10) and to contact you in the event of queries.

Further purposes of use of the data may result from the circumstances or from legal obligations, or may be indicated at the time of collection of the data in question.

5. On what basis do we process your data?

If we ask for your consent for certain processing, we will inform you separately about the corresponding purposes of the processing. You may revoke your consent at any time by written notice with effect for the future; our contact details can be found in section 2. If you have a user account, a revocation or contact with us can also be effected via the relevant website or other service, if applicable. Once we have received notification of the withdrawal of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. The revocation of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Where we do not ask you for your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for the initiation or execution of a contract with you (or the entity you represent), or that we or third parties have a legitimate interest in doing so, in particular to pursue the purposes and related objectives described above under section 4 and to be able to implement appropriate measures. Our legitimate interests also include compliance with legal regulations, insofar as this is not already recognised as a legal basis by the respective applicable data protection law. However, this also includes the marketing of our products and services, the interest in better understanding our markets, and the safe and efficient management and further development of our company, including its operations.

6. To whom do we disclose your data?

We may have the data processed by third parties, including abroad. We take reasonable steps to ensure that these third parties process the data only as we are permitted to do. You hereby expressly authorise us to disclose the data to third parties, including abroad.

In exceptional individual cases (e.g. misuse), data may also be disclosed to third parties for purposes other than those listed in this privacy policy or those provided for by law, provided that applicable law is not violated. We cannot control, guarantee or vouch that these third parties comply with the data protection provisions applicable to us; they process the data for their own purposes and may also do so abroad, where there may be no legal data protection as in Switzerland.

The transfer of data abroad may also occur when data is passed on to third parties, in particular when our services and products are used via social networks or other third-party offers and/or linked to these.

7. Does your personal data also end up abroad?

As explained in section 6, we also disclose data to other entities. These are not only located in Switzerland. Your data can therefore be processed both in Europe and in the USA; in exceptional cases, however, in any country in the world.

If a recipient is located in a country without adequate legal data protection, we contractually obligate the recipient to comply with the applicable data protection law, unless the recipient is already subject to a legally recognised set of rules to ensure data protection and we cannot rely on an exemption provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the processing of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.

8. How long do we process your data?

We process your data for as long as our processing purposes, the legal retention periods and our legitimate interests of processing for documentation and evidence purposes require it, or for as long as storage is technically necessary. Further information on the respective storage and processing duration can be found for the individual data categories in section 3. If there are no legal or contractual obligations to the contrary, we will delete or anonymise your data after the storage or processing period has expired as part of our normal processes.

9. How do we protect your data?

We take reasonable security measures to maintain the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing and to protect against the risks of loss, accidental alteration, accidental disclosure or unauthorised access.

10. What rights do you have?

Applicable data protection law grants you the right to object to the processing of your data in certain circumstances, in particular that for direct marketing purposes, profiling used for direct marketing and other legitimate interests in processing.

To help you control the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:

• the right to request information from us as to whether and what data we are processing about you;
• the right to have us correct data if it is inaccurate;
• the right to request the deletion of data;
• the right to request that we provide certain personal data in a commonly used electronic format or transfer it to another controller;
• the right to withdraw consent, insofar as our processing is based on your consent;
• the right to receive, upon request, further information necessary for the exercise of these rights.

If you wish to exercise any of the above rights against us, please contact us in writing; our contact details can be found in section 2. In order for us to exclude misuse, we must identify you (e.g. with a copy of your ID card, if this is not possible otherwise).

Please note that conditions, exceptions or limitations apply to these rights under applicable data protection law (e.g., to protect third parties or trade secrets). We will inform you accordingly if necessary.

If you do not agree with our handling of your rights or data protection, please let us know. In particular, if you are located in the EEA, the United Kingdom or Switzerland, you also have the right to complain to the data protection supervisory authority in your country.

11. Do we use online tracking?

We use various technologies on our website that allow us and third parties we engage to recognise you when you use it and, in some circumstances, to track you across multiple visits. In this section we will inform you about it.

“Cookies", Facebook plugins (Like button), Twitter, Google Adsense, Google Analytics and Google +1 are applied on our website.

Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end terminal (laptop, tablet, smartphone or similar) when you visit our site.

Information is stored in the cookie that arises in each case in connection with the specific end terminal used. However, this does not mean that we thereby obtain direct knowledge of your identity.

The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after leaving our site.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your terminal device for a certain specified period of time. If you visit our site again to use our services, it is automatically recognised that you have visited it before and which entries and settings you made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you.

Facebook plugins (Like button)

Plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our pages. You can recognise the Facebook plugins by the Facebook logo or the “Like button” (“Like”) on our page. An overview of the Facebook plugins can be found here: http://developers.facebook.com/docs/plugins/.

When you visit our pages, a direct connection between your browser and the Facebook server is established via the plugin. Facebook thereby receives the information that you have visited our site with your IP address. If, while logged into your Facebook account, you click the Facebook “Like” button, you can link the content of our pages on your Facebook profile. This allows Facebook to assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please see Facebook's privacy policy at https://www.facebook.com/about/privacy/.

If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

Twitter

Functions of the Twitter service are integrated on our pages. These functions are offered by Twitter Inc, 795 Folsom St, Suite 600, San Francisco, CA 94107, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data such as IP address, browser type, domains accessed, pages visited, mobile carrier, device and application IDs, and search terms, among other things, are transmitted to Twitter. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. Due to ongoing updates of Twitter's privacy policy, we refer to the latest version at (http://twitter.com/privacy). You can change your privacy settings on Twitter in your account settings at http://twitter.com/account/settings. Please contact privacy@twitter.com if you have any questions.

Google Adsense

This website uses Google AdSense, an advertising integration service provided by Google Inc (“Google”). Google AdSense uses “cookies”, which are text files placed on your computer, to allow the website to analyse how users use the site. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons allow information such as visitor traffic on these pages to be analysed.

The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats is transmitted to a Google server in the USA and stored there. Google may share this information with Google's contractors. However, Google will not merge your IP address with other data stored by you.

You may prevent the installation of cookies by selecting the appropriate settings in your browser; however please note that if you do this, you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data collected about you by Google in the manner and for the purposes set out above.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc (“Google”). Google Analytics uses so-called “cookies”, which are text files placed on your computer, to allow the website to analyse how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, in case of activation of IP anonymisation on this website, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

You may prevent the installation of cookies by selecting the appropriate settings in your browser; however please note that if you do this, you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data collected about you by Google in the manner and for the purposes set out above.

Google +1

Using the Google +1 button, you can publish information worldwide. Via the Google +1 button, you and other users receive personalised content from Google and its partners. Google stores both the information that you gave +1 for a content and information about the page you viewed when you clicked +1. Your +1s may be displayed as notices along with your profile name and your photo in Google services, such as search results or your Google profile, or elsewhere on websites and ads on the internet.

Google records information about your +1 activities to improve Google services for you and others.

To use the Google +1 button, you need a globally visible, public Google profile, which must at least contain the name chosen for the profile. This name is used in all Google services. In some cases, this name may also replace another name you used when sharing content through your Google account. The identity of your Google profile may be displayed to users who know your email address or have other identifying information about you.

In addition to the uses explained above, the information you provide will be used in accordance with Google's applicable privacy policy http://www.google.com/intl/de/policies/privacy/. Google may publish aggregate statistics about users' +1 activity or share these statistics with our users and partners, such as publishers, advertisers or affiliated websites.

12. Can this privacy policy be changed?

This privacy policy may be amended at any time and without notice. The current version published on our website applies respectively. We reserve the right to supplement this privacy policy with additional privacy policies in individual cases.

Last updated: 01.10.2022

13. Newsletter, commercial communication

We may send newsletters or other (including commercial) content related to our services and products to all customers whose data we process to their address, number or app from time to time (“News”). We may use the services of mailchimp, bexio, zoho and other software providers to send the newsletter.

You hereby agree to the sending or display of News, but can stop this at any time and free of charge.

Under certain circumstances, the receipt of the News takes place through registration in a so-called double opt-in process. You will then receive an email, SMS or other message asking for confirmation of your registration. This confirmation is necessary so that no one can log in with an email address that is not theirs. Sign-ups to receive the News are logged in order to verify the sign-up process in accordance with legal requirements. This includes the storage of the login and confirmation time, as well as the IP address.

You can cancel the receipt of the News at any time and revoke your consents to receiving it. At the same time, the consent to send them via mail software providers and the statistical analyses expire. A separate revocation of dispatch via mailchimp, bexio, zoho and other software providers or the statistical analysis is not possible.

14. Consent

You explicitly and expressly consent to us processing the data as specified in this privacy policy.

You have the right to revoke this consent at any time. The revocation of your consent does not affect the lawfulness of the processing of the data carried out on the basis of your consent until revocation.

The revocation of your consent authorises us to immediately terminate the business relationship or to discontinue the provision of certain services, irrespective of other contractual agreements.  You acknowledge that the discontinuance of certain services by us does not constitute a breach of contract by us and/or relieve you of your financial and other contractual obligations.

15. Severability clause

If any provision of this privacy policy or the contents of an enclosure integrated in this privacy policy is or becomes invalid, this shall not affect the validity of the remainder of this privacy policy.

The invalid provision shall be replaced by a valid provision that comes as close as possible to the intended economic purpose of the invalid provision.

16. Applicable law and place of jurisdiction

Swiss law shall apply to the extent legally possible, excluding conflict of law rules, for all disputes arising from this privacy policy or for disputes concerning the data.

As far as legally possible, the courts at our registered office have jurisdiction for disputes arising from this privacy policy or for disputes concerning the data, unless otherwise stipulated by law.