Punkt. is committed to protecting and respecting your privacy; for this reason, we collect and manage your personal data carefully and take specific measures to keep it safe.
We also provide information about your rights with reference to the specific processing of your personal data.
Supplementary or additional statements and other legal acts such as the Terms and Conditions of Sale apply to individual or additional offers and services.
This policy, based on our core business, is subject to Swiss data protection law and any other applicable foreign data protection law, in particular the European Union (EU), namely the General Data Protection Regulation (GDPR). It also ensures that Swiss data protection law guarantees a high standard of data protection
Punkt Tronics AG
Via Losanna 4, 6900 Lugano, Switzerland
+41 91 924 9003
VAT ID: CHE-114.634.022 IVA
Company registration number: CH-501.3.011.937-5
Personal data means all information concerning a specific or determinable person. The individual concerned is the person whose personal data are processed.
Personal data worthy of special protection are data concerning religious, philosophical, political or trade union opinions or activities, data concerning health, the intimate sphere or membership of a race or ethnic group, genetic data, biometric data that uniquely identify a natural person, data concerning administrative and criminal prosecutions and sanctions, and data concerning social welfare measures;
Processing includes any processing of personal data, irrespective of the means and methods used, storage, disclosure, obtaining, deletion, recording, modification, deletion, and use of personal data.
Communication shall mean the transmission of personal data or the act of making them accessible to third parties.
Profiling means the automated processing of personal data consisting of the use of such data to evaluate certain personal aspects of a natural person, to analyse or predict aspects of that person's professional performance, economic situation, health, preferences, interests, reliability, behaviour, whereabouts and movements. High-risk profiling means profiling which entails a high risk to the personality or fundamental rights of the individual concerned because it involves a connection between data which makes it possible to assess essential aspects of the personality of a natural person.
The European Economic Area (EEA) comprises the European Union (EU) and the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) defines the handling of personal data as the processing of personal data.
We process personal data in accordance with Swiss Data Protection law, in particular the Federal Data Protection Act (FADP) and the Ordinance on the Federal Data Protection Act (DPO).
For the most part (and to the greatest extent possible) data are processed in Switzerland.
As far as the applicability of the GDPR is concerned, the data is processed according to the following legal bases, specifically:
The categories of personal data that Punkt. collects and processes when you browse or purchase via punkt.ch, are:
Your personal data is collected and processed by Punkt. for the following purposes:
If you wish to authorise the activities referred to in points 5g. and 5h. and subsequently you no longer wish to receive further communications from Punkt. or you want to limit the means by which you are contacted, you can stop these communications at any time by simply clicking on the "unsubscribe" link present at the bottom of each communication, or by contacting Punkt. through Customer Services or through the email address specified in this document.
In relation to all the activities indicated above, we shall process your personal data mainly using IT and electronic tools; the tools we use guarantee high safety standards in full compliance with current legislation. If you transfer us personal data relating to third parties, you shall be obliged to ensure data protection with regards to such third parties and to ensure the accuracy of such personal data. We also process personal data that we receive from third parties, that we obtain from publicly accessible sources or that we collect in the course of providing our services, if and insofar as such processing is permitted by law.
We use your personal data only in the presence of one of the conditions provided for by the law in force, and specifically:
The contribution of your personal data to these activities is a contractual obligation. You are free to communicate your data or not, but in the absence of the requested data, it will not be possible to conclude or execute the agreement and your requests. This means that you will not be able to purchase the products and you will not be able to use the Punkt. and its affiliated partners’services and that we shall not be able to handle your requests;
Your personal data will be processed by staff specifically trained by Punkt.
Your personal data will also be transmitted to third parties that we use to provide our services; these third parties have been appropriately selected and are certified as GDPR-compliant. These third parties have been appointed as data controllers and carry out their activities according to the instructions given by Punkt. and under its control. The third parties in question belong to the following categories: banking operators, internet providers, companies specialised in IT and telematics; couriers; companies that carry out marketing activities; companies specialised in market research and data processing.
The list of external managers is available upon written request to our email address: email@example.com
Your data may be transmitted to police and judicial and administrative authorities, in accordance with the law, for the detection and prosecution of crimes, the prevention and protection from threats to public security, to allow Punkt. to ascertain, exercise or defend a right in court, as well as for other reasons related to the protection of the rights and freedoms of others.
Some of the third parties may be located in countries outside the European Union that nevertheless offer an adequate level of data protection, as established by specific decisions of the European Commission.
We retain your personal data for a limited period of time, which is different depending on the type of activity that involves the processing of your personal data.
After this period, your data will be permanently erased or otherwise rendered anonymous in an irreversible way.
Your personal data is stored in compliance with the following terms and criteria:
We guarantee you all the rights under the FADP. In particular, you can exercise your rights at any time with reference to the specific processing of your personal data by Punkt.:
We may suspend, limit or refuse the exercise your rights to the extent permitted by law. We may draw your attention to any requirements that must be met in order to exercise your rights under the FADP. For example, we may refuse to provide information, in whole or in part, with regard to business secrets or the protection of other persons. We may also, for example, refuse to delete personal data in whole or in part with reference to statutory retention obligations.
When you request information or assert other rights we are obliged to take reasonable measures to identify you. You are obliged to cooperate.
We protect your personal data with specific technical and organisational security measures, aimed at preventing your personal data from being used illegitimately or fraudulently. In particular, we use security measures that guarantee: the pseudo-anonymisation or the encryption of your data; the confidentiality, integrity, and availability of your data as well as the resilience of the systems and services that process them; the ability to restore data in the event of a data breach. However, despite these measures, the processing of personal data on the Internet can always have security gaps. We can therefore not guarantee absolute data security. Access to our website is via transfer encryption (SSL/TLS, in particular with Hypertext Transfer Protocol Secure, abbreviated HTTPS). Most browsers mark the transfer encryption with a padlock in the address bar. Access to our website is subject - as it is basically the case for all Internet surfing - to constant and suspicion-free sweeping and other checks by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and other countries. We cannot exert any direct influence on the proper handling of personal data by intelligence services, police forces and other security authorities.
If you believe that the processing of your personal data has been carried out unlawfully, you can lodge a complaint to one of the supervisory authorities responsible for compliance with the rules on personal data protection. The data protection supervisory authority for private data controllers and federal agencies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). You have the right - if and insofar as the GDPR applies - to lodge a complaint with a competent European data protection supervisory authority.
We may use specialised audio and video conferencing services to communicate online. For participation in audio and video conferences, the legal provisions of each individual services, such as data protection policies and conditions of use, also apply. Depending on the situation, we recommend deactivating the microphone by default when participating in audio or video conferences, as well as blurring the background or imposing a virtual background. We use in particular:
Microsoft Skype: among others; provider: Microsoft; specific information on Skype: 'Microsoft Privacy Statement’
In order to offer you Klarna’s payment methods, we might in the checkout pass your personal data in the form of contact and order details to Klarna, in order for Klarna to assess whether you qualify for their payment methods and to tailor those payment methods for you. Your personal data transferred is processed in line with Klarna’s own privacy notice.
Billpay’s/Klarna’s payment options: In order to be able to offer you Klarna’s payment options and to assess whether you qualify for their payment options and tailor the payment options for you, we might in the checkout pass your personal data in the form of contact and order details to Klarna and Billpay. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s [de, fr, it or en versions] and Billpay’s [de, fr, it or en versions] privacy notices.
The processing of your personal data is carried out by Punkt. in full compliance with the regulations on the matter pursuant to the Federal Data Protection Act and the Regulation (EU) 2016/679 General Data Protection Regulation.
The full version of the Punkt mobile devices End-user Licence Agreement (EULA) can be accessed here, please read this before Punkt. Mobile devices.
The full MP02 Disclaimer is available here.
The full Punkt mobile devices Data Protection Policy is available here.
The full Pigeon Data Protection Policy is available here.
We reserve the right to adapt and supplement this Data Protection Policy at any time. We will provide information on such adaptations and supplements in an appropriate form, by publishing the updated version of the Data Protection Policy on our website.