Version from 16.04.2024

The protection of your privacy is important to us. In this privacy policy, we, the artFAQ association (hereinafter artFAQ, we or us), explain how we collect and otherwise process personal data. Personal data refers to all information relating to an identified or identifiable person.

If you provide us with personal data of other persons (e.g. family members, data of work colleagues), please ensure that these persons are aware of this privacy policy and only share their personal data with us if you are authorised to do so and if this personal data is correct.

1. Responsible body / representative :innen

Responsible for the data processing that we describe here is

Association artFAQ
Aemtlerstrasse 23
8003 Zurich
Switzerland

Authorised representatives:
Kathrin Walde and Regula Spirig (Co-Direction artFAQ)

If you have any data protection concerns, you can send them to the following contact address: info@artfaq.ch

2. Data processing: purpose and disclosure

As part of our business activities or when you use the website www.artfaq.ch (hereinafter referred to as the website), we may process various categories of personal data for different purposes. In particular, we process the following personal data about you for the following purposes:

Communication
We process personal data so that we can communicate with you about artFAQ's offers and news. Communication takes place, for example, in the form of newsletters, via our Telegram channel, by email or via social media. Information on the transfer of your data to third-party providers (Mailchimp, Telegram, meta, LinkedIn) can be found in section 4. As part of the communication, we process in particular the content and metadata of the communication as well as your contact details. Your registration and confirmation is required for the newsletter. Your registration is also required for the Telegram channel. You have the option of cancelling your registration and unsubscribing from the communication at any time.

Operation of our website
In order to operate our website securely and stably, we collect technical data such as IP address, information on the operating system and settings of your end device, region, time and type of use. We also use cookies, social media plug-ins and embed forms. Further information on this can be found in section 6.

Offers
We collect personal data to enable participation in our offers. In particular, we collect the following data in connection with our offers:

1. registration for offers
For certain offers and services such as events and courses, registration via the registration form or by e-mail is required. For this purpose, we process the data provided during the respective registration. The data is stored in the WIX account or on the artFAQ internal Google Drive for as long as necessary. The data will be passed on to partners (e.g. the Kulturmarkt, course instructors, event partners) or other third parties if this is necessary for the realisation of the course or event.

2. online events
Online events are recorded with the verbal consent of all attendees and uploaded to the password-protected Vimeo channel. For online participation in events, we use the Zoom software, which receives data from you when you log in. Further information on this can be found in section 4.

3. documents for consultations
For the purpose of consultations, we receive documents such as dossiers, budget plans, association documents or similar from users of the counselling service via e-mail or in physical form. Some of these documents contain personal data. The documents are not passed on to third parties.

4. data in relation to match
In order to enable the match offer, we collect contact data for the operation of an e-mail distribution list. You can unsubscribe from the mailing list at any time.

Analysis and statistics
In order to continuously improve our website, services and other (electronic) offers (e.g. newsletters), we collect data about your behaviour and preferences, for example by analysing how you navigate through our website and how you interact with our social media profiles and other electronic offers (e.g. newsletters). For this purpose, we also process direct or indirect feedback from you on our website, our social media presences and other electronic offers, as well as other feedback on our services. Some of the analyses of your use of our electronic services are carried out by third-party providers (WIX, Mailchimp, etc.). Information on these third-party providers can be found in section 4.

For the purpose of analysis and statistics and for evaluation purposes, we collect personal data, such as contact details, reason for use, etc., which enable us to monitor and optimise the use, capacity utilisation and quality of our services. This data is passed on to third parties in anonymised form for evaluation purposes and published anonymously in the annual report.

Job application
If you apply to artFAQ, we process the relevant data for the purpose of reviewing and assessing the application, carrying out the application process and, in the case of successful applications, preparing and concluding a contract. For this purpose, in addition to your contact details and the information from the corresponding communication, we process in particular the data contained in your application documents as well as the data that we additionally receive about you from job-related social networks, the Internet, the media and references (if you consent to the collection of references). In the case of application procedures that are carried out in partnership with another organisation, persons from the partner organisation will also receive the application documents. Data processing in connection with an employment relationship at artFAQ (permanent or hourly-paid) is regulated in the employment contract.

Other purposes
Other purposes include, for example, training and educational purposes as well as administrative purposes (e.g. accounting).

3. Source of the data

From you: You provide us with a large part of the data that we process (e.g. as part of our offers, your use of our website and your communication with us). Some of this data is also automatically transmitted to us by your end device. With certain exceptions (e.g. legal obligations), you are not obliged to disclose your data. The provision of certain data is necessary, for example, in order to take advantage of our offers. The use of our website is also not possible without data processing.

From third parties: We may collect data from publicly available sources (e.g. media or the Internet, including social media) or receive such data from authorities or organisations that have a relationship with us or otherwise do business with us, as well as from other third parties (e.g. associations, contractual partners, Internet analysis services, etc.).

4. Data transfer to third-party providers and data transfer abroad

We also share personal data with third-party providers when necessary to conduct our business activities. Some of these third-party providers are located in Switzerland, but they may be located anywhere in the world, for example in other European countries and the USA.

In particular, we currently use the services of the following service providers and third-party providers, whose contact details and further information on the individual data processing can be found in the respective data protection notices:

WIX
Provider:in: Wix.com Inc., Israel
Privacy Policy: https://de.wix.com/about/privacy-dpa-users

Mailchimp

Provider:in: Rocket Science Group, USA
Data protection notice: https://mailchimp.com/de/legal/data-processing-addendum/

Google Drive
Provider:in: Google LLC, USA

Data protection notice: https://cloud.google.com/terms/data-processing-addendum

Instagram/Facebook
Provider:in: Meta Platforms Ireland Ltd, Ireland
Privacy Policy: https://privacycenter.instagram.com/policy
https://www.facebook.com/legal/Workplace_GDPR_Addendum

LinkedIn
Provider:in: LinkedIn Ireland Unlimited Company, Ireland
Privacy Notice: www.linkedin.com/legal/privacy-policy?

Telegram
Provider:in: Telegram FZ-LLC, Russia

Data protection notice: https://telegram.org/privacy?setln=it

Zoom
Provider:in: Zoom Video Communications, Inc., USA

Data protection notice: https://explore.zoom.us/docs/doc/Zoom_GLOBAL_DPA.pdf

Cyon

Supplier:in: cyon GmbH, Switzerland

Data protection: https://www.cyon.ch/legal/avv

If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection law (we use the revised standard contractual clauses of the European Commission, which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is already subject to a legally recognised set of rules to ensure data protection and we cannot rely on an exemption provision.

5. Rights of the users

You have certain rights
in connection with our data processing. In particular, in accordance with applicable law, you can request information about the processing of your personal data, have incorrect personal data corrected, request the deletion of personal data, object to data processing and request the disclosure of certain personal data in electronic form or revoke its transmission to other controllers or revoke consent with effect for the future, insofar as our processing is based on your consent.

If you wish to assert your rights against artFAQ, please contact us; the contact details can be found in section 1. To prevent misuse, we must verify your identity (e.g. by providing a copy of your identity card if necessary).

6. Cookies / tracking and other technologies in connection with the use of our website

When you use our website (including the newsletter), data is collected and stored in log files (in particular technical data). In addition, we may use cookies and similar technologies (e.g. pixel tags or fingerprints) to recognise website visitors, evaluate their behaviour and identify preferences. A cookie is a small file that is transferred between your system and the server and enables a specific device or browser to be recognised. You can set your browser to automatically reject, accept or delete cookies. You can also deactivate or delete cookies in individual cases. You can find out how to manage cookies in your browser in the help menu of your browser.

Neither the technical data collected by us nor cookies contain any personal data. However, personal data that we or third-party providers commissioned by us store about you (e.g. if you have a user account with these providers) may be linked to the technical data or the information stored in and derived from cookies, and thus possibly to your identity.

We also use social media plug-ins, which are small pieces of software that establish a connection between your visit to our website and a third-party provider. The social media plugin informs the third party that you have visited our website and may send cookies to the third party that the third party has previously placed in your web browser. For more information on how these third-party providers use your personal data collected via their social media plugins, please refer to their respective privacy notices.

7. Duration of storage of personal data

In principle, we process and store your personal data for as long as is necessary for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing and beyond that in accordance with the statutory retention and documentation obligations. The storage of specific data is handled as follows:

Regarding registrations for events or courses: The personal data except for the postcode of the participants will be deleted after the end of the event or course on the artFAQ side after a maximum of 2 years; statistically relevant data will be kept anonymised;

Regarding recordings of online events: Consent to the recording can be withdrawn at any time and a request made to delete the video material;

Regarding consultations: All shared documents are taken away by users after the consultation or archived in the e-mail programme and deleted after a maximum of 2 years;

For evaluation, analysis and statistical purposes: Anonymised data will be kept for at least 4 years after the grant period has expired;

Regarding application procedures: Application documents will be deleted after completion of the procedure or retained with the consent of the applicant.

8. Data security

We take standard technical and organisational security precautions to protect your personal data, such as access controls and restrictions, encryption of data carriers and anonymisation of certain data. For data security, we also refer you to the security measures of the third-party providers we use, see section 4.

9. Obligation to provide personal data

As part of our business relationship, you must provide the personal data that is necessary for the establishment and implementation of a business relationship and the fulfilment of the associated contractual obligations (as a rule, you do not have a legal obligation to provide us with data). Without this data, you will generally not be able to take advantage of our offers. The website can also not be used if certain information to secure data traffic (such as IP address) is not disclosed.

10. Changes

We may amend this privacy policy at any time without prior notice. The current version published on our website shall apply. If the privacy policy is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.

*****