Privacy Policy

This privacy policy informs you about the type, scope, and purpose of the collection and use of personal data on our website ready.ch (hereinafter referred to as "Website") by READY AG (hereinafter referred to as "we" or "us") and provides information about your rights. These rights are governed by the applicable data protection laws.

The responsible entity for data processing within the meaning of the data protection laws, particularly the EU General Data Protection Regulation (GDPR), and the contact for data protection concerns is:

READY AG, 9043 Trogen Email: contact@ready.ch

Based on Article 13 of the Swiss Federal Constitution and the federal data protection regulations (Data Protection Act, DPA), every person is entitled to privacy and protection against the misuse of their personal data. The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this privacy policy. In cooperation with our hosting providers, we strive to protect the database as much as possible from unauthorized access, loss, misuse, or falsification. We would like to point out that data transmission over the Internet (e.g., when communicating by email) can have security vulnerabilities. A complete protection of data from access by third parties is not possible. By using this website, you consent to the collection, processing, and use of data as described below. This website can generally be visited without registration. In doing so, data such as pages accessed or the name of the accessed file, date, and time may be stored on the server for statistical purposes, without this data being directly related to you as a person. Personal data, especially name, address, or email address, is collected on a voluntary basis wherever possible. Without your consent, no data will be passed on to third parties.

This privacy policy exclusively governs the contractual relationship between us and the users of the website in the aforementioned sense. Opposing or deviating terms and conditions of the customer are not recognized unless we have expressly agreed to them in writing in a specific case.

Personal data is any information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means and methods used, especially the storing, disclosing, acquiring, deleting, saving, modifying, destroying, and using of personal data. We process personal data in accordance with Swiss data protection law. Furthermore, we process personal data – to the extent and insofar as the EU General Data Protection Regulation (GDPR) is applicable – according to the following legal bases in connection with Art. 6 para. 1 GDPR:

• lit. a) Processing of personal data with the consent of the data subject.
• lit. b) Processing of personal data for the performance of a contract with the data subject as well as for the implementation of corresponding pre-contractual measures.
• lit. c) Processing of personal data to comply with a legal obligation to which we are subject under any applicable law of the EU or under any applicable law of a country where the GDPR is wholly or partially applicable.
• lit. d) Processing of personal data to protect the vital interests of the data subject or another natural person.
• lit. f) Processing of personal data to safeguard our legitimate interests or those of third parties, provided that the fundamental freedoms, fundamental rights, and interests of the data subject do not prevail. Legitimate interests include, in particular, our economic interest in being able to provide our website, information security, the enforcement of our own legal claims, and compliance with Swiss law.

We process personal data for the period necessary for the respective purpose or purposes. In the case of longer retention obligations due to legal or other duties to which we are subject, we restrict the processing accordingly.

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser's address bar. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Our web hosting providers are Amazon Web Services, Inc. and Vercel. To optimize and maintain our website, we log technical errors that may occur when accessing our website. Additionally, when using this website, information is automatically collected that the browser on your device transmits to our host provider. This includes:

• IP address and operating system of your device, browser type, version, language, and the hostname of the accessing computer,
• Date and time of the server request, accessed file,
• The website from which access was made (referrer URL), the status code (e.g., 404), and
• The transmission protocol used (e.g., HTTP/2).

These data cannot be associated with specific individuals. No merging of this data with other data sources takes place. We reserve the right to subsequently check this data if we become aware of specific indications of unlawful use. These data are collected and stored by our host provider to optimize processes and operations, particularly in connection with the use of our website and the security and stability of the computer system.

Further information can be found in the privacy policy of Amazon Web Services at https://aws.amazon.com/de/compliance/data-protection/. If the GDPR is applicable, the basis for this data processing is Art. 6 para. 1 lit. f GDPR.

If you send us inquiries via the contact form, the information you provide in the inquiry form, including the contact details you provide, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

We use cookies on our website. Cookies are small files that are stored on your device and saved by your browser. Some of the cookies we use are automatically deleted when you leave our website. Other cookies remain stored on your device until you delete them or they expire. These cookies allow us to recognize your browser the next time you visit our website. In your browser settings, you can configure it to inform you in advance about the setting of cookies and to decide on a case-by-case basis whether to accept cookies, exclude the acceptance of cookies for specific cases or in general, or to completely prevent cookies. This may limit the functionality of the website. Cookies that are necessary for electronic communication, for functions requested by you, or for optimizing your user experience are stored – if the GDPR is applicable – based on Art. 6 para. 1 lit. f GDPR.

We offer a newsletter that you can subscribe to via the website. Accordingly, we use your email address to send you the respective newsletter or deal updates by email. If the GDPR is applicable, the basis for this data processing is Art. 6 para. 1 lit. f GDPR.

We use an analytics service to measure the reach of our newsletter. This measures how often and when the newsletter is opened and which links the recipient follows. If the GDPR is applicable, the basis for this data processing is Art. 6 para. 1 lit. f GDPR.

When you create an account in our app, the information you enter will be stored. We collect the following details:

• First and last name
• Email address
• University and semester

We use this data to provide you with the account. If the GDPR is applicable, the basis for this data processing is Art. 6 para. 1 lit. b and f GDPR.

For the provision of paid services, we request additional data, such as payment information, to process your order or request. We store this data in our systems until the statutory retention periods have expired.

We use various third-party services on our website. Below, we provide detailed information on which services are involved, what we use them for, and which data is collected.

We use Google Analytics from Google, which is a web-based analysis tool that allows us to collect and analyze information about user behavior on our website. This helps us to optimize our website and marketing activities and fundamentally improve the user experience. If the GDPR is applicable, the basis for data processing is Art. 6 (1) (a) GDPR or Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR. You can find the privacy policy of Google Analytics at https://support.google.com/analytics/topic/2919631?hl=en&ref_topic=1008008&sjid=1339396462853908134-EU.

We use Google reCAPTCHA from Google, which is a free service from Google that allows us to protect our website from spam and abuse. If the GDPR is applicable, the basis for data processing is Art. 6 (1) (a) GDPR or Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR. You can find the privacy policy of Google reCAPTCHA at https://policies.google.com/privacy?hl=en.

We use Google Tag Manager from Google, which is a solution that allows us to integrate marketing services into our online offerings. The Tag Manager itself, which implements the tags, does not process any personal data of users. If the GDPR is applicable, the basis for data processing is Art. 6 (1) (a) GDPR or Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR. You can find the privacy policy of Google Tag Manager at https://policies.google.com/privacy?hl=en.

We use Google Fonts from Google, which is a solution for the consistent display of fonts, known as web fonts. When a page is accessed, your browser loads the required web fonts into its browser cache to correctly display texts and fonts. If your browser does not support web fonts, a standard font from your computer is used. More information about Google Web Fonts can be found at https://developers.google.com/fonts/faq. If the GDPR is applicable, the basis for data processing is Art. 6 (1) (a) GDPR or Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR. You can find the privacy policy of Google Fonts at https://www.google.com/policies/privacy/.

We use Sentry, which is a platform for error monitoring and tracking that helps developers to identify, diagnose, and fix problems and errors in their applications. By enabling quick detection, diagnosis, and resolution of errors before they affect users, the quality, stability, and performance of our applications are improved. If the GDPR is applicable, the basis for data processing is Art. 6 (1) (a) GDPR or Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR. You can find the privacy policy of Sentry.io at https://sentry.io/privacy/.

We use Mailchimp, which is a mailing service provider that allows us to send our newsletters. If the GDPR is applicable, the basis for data processing is Art. 6 (1) (a) GDPR or Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR. You can find the privacy policy of Mailchimp at https://www.intuit.com/privacy/statement/.

We use Shopify, which is an e-shop solution. We use Shopify for the checkout process, payment, and managing orders. In the context of fulfilling contracts, we use Shopify based on the Swiss Data Protection Ordinance and, where necessary, Art. 6 (1) (b) EU GDPR. Otherwise, we use external payment service providers based on our legitimate interests according to the Swiss Data Protection Ordinance and, where necessary, Art. 6 (1) (f) EU GDPR, to provide our users with effective and secure payment options. You can find the privacy policy of Shopify at https://www.shopify.com/legal/privacy.

We use Twilio, which is a mailing service provider that allows us to send emails. We use Twilio for sending login emails and for inquiries through the contact form. If the GDPR is applicable, the basis for data processing is Art. 6 (1) (a) GDPR or Art. 6 (1) (b) GDPR or Art. 6 (1) (f) GDPR. You can find the privacy policy of Twilio at https://www.twilio.com/en-us/legal/privacy.

All information on our website has been carefully checked. We strive to offer our information up-to-date, accurate, and complete. However, the occurrence of errors cannot be completely ruled out, and we cannot guarantee the completeness, accuracy, or timeliness of information, including journalistic and editorial content. Claims for damages of a material or immaterial nature arising from the use of the information provided are excluded, unless there is proven intentional or grossly negligent fault. The publisher may, at its discretion and without notice, alter or delete texts and is not obliged to update the content of this website. The use or access to this website is at the visitor’s own risk. The publisher, its clients, or partners are not responsible for damages, such as direct, indirect, incidental, special, or consequential damages, allegedly arising from the visit to this website and therefore assume no liability.

On our website and in our app, you will find links to third-party sites. We are not responsible for the content and privacy practices on external websites accessed through these links. Please review the privacy policies directly on the respective websites.

In order to provide you with the information on our website, we work with various service providers, specifically IT service providers, to offer you a contemporary website. These providers use your data only within the scope of processing our orders. We only transmit data to entities outside Switzerland and the European Union (third countries) if there is a legal obligation, you have expressly consented, it is required by the respective contract, or to protect our legitimate interests.

The copyrights and all other rights to the content, images, photos, or other files on the website exclusively belong to the operator of this website or the specifically named rights holders. Reproduction of any files requires prior written consent from the copyright holder. Anyone who infringes copyright without the consent of the respective rights holder may be subject to criminal liability and potentially liable for damages.

As provided by the applicable data protection law, you can request information free of charge about the data stored about you, its origin, recipients, and the purpose of data processing. You also have the right, under legal conditions, to correction, deletion, restriction of, or opposition to processing of your data and, if the GDPR applies, to request the transfer of this data to another entity.

You can withdraw any consent you have given at any time with future effect. An informal notification via email to us is sufficient.

Please note that the above rights are subject to legal restrictions and may affect or make it impossible to provide our services.

You have the right to enforce your claims in court or to file a complaint with the relevant data protection authority. For Switzerland, the Federal Data Protection and Information Commissioner is responsible (http://www.edoeb.admin.ch).

We may change or adjust this privacy policy at any time. The current privacy policy can be accessed at https://www.ready.ch/en/dataprotection/.