We are happy about you visiting our website. We would like to introduce you to the responsible authority in terms of data protection law as applicable:
Tone Kaffeemaschinen AG
represented by the Board
Phone: +41 52 620 06 06
Pursuant to our statutory obligations, we would like to inform you about the collection and use of your personal data.
When you use our website, personal data about you will be collected. This may happen by you entering the data yourself, for example your e-mail address. But our system also collects your data automatically, for example whenever you visit our website. This happens irrespective of the device or the software that you use to visit our website.
All data that you enter in our app is provided voluntarily; there are no disadvantages to you if you do not provide data. But without certain data, we are unable to provide services or to conclude contracts. Whenever such information is necessary, we will point it out to you.
On this website, the user’s personal data is only collected within the framework of the existing data-protection law, in particular the General Data Protection Regulation (GDPR). The legal terms used in the text are defined in Art. 4 of the GDPR.
The GDPR allows data processing in three cases in particular:
- in accordance with Art. 6 para. 1 (b) GDPR, when processing your personal data is necessary for negotiating, concluding or performing a contract;
- in accordance with Art. 6 para. 1 (f) GDPR, if the balancing of interests leads to the conclusion that the processing is necessary to protect our legitimate interests; this means in particular our interests to analyse, optimise and secure the offers on our website – meaning primarily the analysis of user behaviour, setting up profiles for advertisement purposes and storage of access data as well as the use of third-party providers.
We collect inventory data as far as it is necessary to establish, negotiate or amend a contract (including one without remuneration) between us and the user. This can be: customer data (for example name, address), contact data (for example e-mail address, phone number), service data (for example services ordered, duration, payment). Upon establishing the user relationship, we will ask you for this data (for example name, address and e-mail address) and will also tell you which of the information is required to establish the user relationship.
We also collect usage data to allow users to use the services on our website. These may consist of: usage information (for example visited websites or parts, duration of visit, interest in services), content data (for example data, text, images, sounds, videos entered or uploaded by you), meta data (for example identity of your device, location, IP address).
The legal basis for this data processing are our legitimate interests pursuant to Art. 6 para. 1 (f) GDPR in analysing the website and your use, possibly also the statutory permission to store data as part of the negotiation of a contract pursuant to Art. 6 para. 1 (b) GDPR.
First Contact through Electronic Request
If you contact us in electronic form (for example by mail, fax, phone, messenger, etc.), we store and process the data which you have given us (for example name, contact information, content of the request). This is based on our legitimate interest in an effective communication with customers in accordance with Article 6 para. 1 (a) GDPR and, as far as it concerns a request to enter into or to perform a contract, also with Article 6 para. 1 (b) GDPR.
We will only pass on this data to third parties as far as required for the performance of the contract (in accordance with Article 6 para. 1 (b) GDPR), by the overwhelming interest in effective services (in accordance with Article 6 para. 1 (f) GDPR) or based on your consent (in accordance with Article 6 para. 1 (a) GDPR) or if there is another legal permission or obligation.
You may ask us at any time and without any cost to provide information about the purpose of the processing, the origin and the recipient, if any, of your data. You may also request that we correct, delete or limit the processing of your personal data. You may object against the (further) processing of your data at any time and you have a right for the data to be made transferable as well as the right to file a complaint with the competent supervisory agency.
In general, your data will only remain stored as long as required by the purpose of the respective data processing. A longer storage is an option, in particular when required in order to pursue our rights, for other legitimate interests of ours or when there is a statutory duty to keep the data longer (for example record-keeping under tax law, statute of limitations).
Whenever we ask you for your consent for the processing of your data, we will inform you in clear language and in an easily accessible way about the cases for which you will be granting your consent. Any consent that we ask you for is voluntary. Any advantage that you wish to gain by granting consent is also available without consent; simply ask us.
Regarding any consent, you have the right to revoke any consent given to us for the processing of your personal data at any time. You just need to contact us without any particular formal requirement, for example through our contact form, an e-mail to the e-mail address indicated in the “About Us” section or a link to unsubscribe (if offered by us). Your withdrawal has no effect on the legality of the data processing carried out up to that point.
Generally, your data will only remain stored as long as required by the purpose of the respective data processing. Storage beyond that is possible in particular if it is still required for pursuing our rights or for other legitimate interests of ours.
For your inventory data which were necessary to perform a contract (including one without remuneration), this means that we store this data until the complete performance or termination of the contractual relationship plus the limitation period (which is generally 2 or 3 years) plus an adequate extra time for potential interruptions of the limitation period.
For your usage data which was collected in the course of your use of the website, this means that we will store it only for the time still required for the proper functionality of our website and as long as we still have a legitimate interest. Statistical information will be primarily stored by us in pseudonymous form.
Beyond that, we still store your data for as long as we are required to do so by law. This concerns in particular the tax-law requirements to keep records, usually for 6 or even 10 years.
More then essential Cookies
Cookies are text files that are stored on your computer and which store certain data about your user behavior on our page, so that certain features or offers can be made available to you based on your previous use. These can be “session cookies”, which are automatically deleted when you leave our website. Other cookies are stored on your computer permanently until you delete them. That allows us to recognize your browser when you visit our website again and to provide you with features or offers according to your previous usage.
for Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
for Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
for Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
for Edge: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
for Internet Explorer: https://support.microsoft.com/en-gb/help/278835/how-to-delete-cookie-files-in-internet-explorer
Blocking cookies may limit the functionality of our website and of other websites visited by you.
More information on this topic, in particular how you can administer, limit or completely disable third-party cookies and technologies with a similar purpose, can be found at:
In order to obtain your consent to store certain cookies on your device and to document this in line with data protection law, and in line with our legal obligations under Art. 6 para. 1 sentence 1 (c) GDPR and our legitimate interest in accordance with Art. 6 para. 1 (f) GDPR, we use the Cookie Consent Manager “Borlabs Cookie“ provided by Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany.
Borlabs Cookie only places cookies that are technologically necessary. When you open our website, the following data will be sent to Borlabs Cookie: your consent or the withdrawal of your consent for placing cookies, a cookie placed on your browser by Borlabs Cookie, the duration and version of the cookie, domain and path of the WordPress website and the UID. The UID is a randomly generated ID and no personal information.
Borlabs Cookie processes no personal data. If you want to withdraw the consent to place certain cookies, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked for your consent to place cookies again.
You may request us anytime to provide information about the personal data stored about you free of charge. To avoid misuse, this will require personal identification.
Deletion, Correction, Limitation
You may at any time demand from us that we correct (or complete) incorrect data as well as a limitation of the processing of data or deletion of your data. This applies in particular if the reason for processing the data is no longer valid, if a required consent has been revoked and there is no other legal basis or if our data processing is unlawful. We will then correct, block or even delete your personal data without delay as far as permitted by law.
The right to object to advertisement is governed by our text regarding consent:
You may request us to transfer the data stored about you in machine-readable form.
If you feel that our data processing has violated any of your rights, you may file a complaint with the competent regulatory agency (here you find a list of the agencies).
Encryption of Data Entry
When you enter data on our website, whether in a contact form, during the registration process, when you log in or for payment purposes, the website, where you enter the data, is encrypted. Thus, third parties can not read what you enter. You will recognise the encryption by the lock symbol in your browser and by the URL beginning with “https“ instead of “http“.
If you subscribe to the newsletter offered on our website, we will inform you in detail about the information you will receive, which of your data will be stored and what it will be used for. We will not pass on your data to third parties and we will only use it to mail the newsletter.
We will only mail you the newsletter if you have given us your prior permission. To that purpose, you will receive an e-mail from us with a link and further instructions and our request for your consent. By clicking on this link, you declare your consent to receiving the newsletter and our advertising.
Because we are legally obligated to record your permission as part of the so-called double opt-in, your order of the newsletter, the mailing of our e-mail of consent and your consent by clicking on the link will be recorded and saved with location and time as well as with your IP address.
The basis for the storage is your consent pursuant to Art. 6 para. 1 (a) GDPR, which you grant to us by registering for the newsletter. You may revoke this consent at any time, you just need to contact us without any particular formal requirement (for example through the contact form or an e-mail or the unsubscribe button in each e-mail). This withdrawal has no effect on the legality of the data processing that has occurred until that point.
For mailing the newsletter, we use (based on our legitimate interest in a technologically perfect processing of our customer information and analysis) the provider MailChimp (Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA) from the USA.
This means, your data will be exportet to the USA. We have concluded a data processing agreement including the EU standard contractual clauses with our newsletter provider, in which he guarantees to protect your data in compliance with the GDPR and manage your data solely as ordered by us.
MailChimp will only use your data for mailing the newsletter and for evaluating that mailing on our behalf. In addition to that, MailChimp will only use your data to improve their own service. But MailChimp will not use the data to contact you directly or to pass on your data to third parties.
The mails used by MailChimp contains a “web beacon“, which will inform MailChimp about the opening of the newsletter and/or the clicking on a link contained therein by you. As part of that process, information regarding your browser, your location and your IP address will be transmitted to MailChimp. This information will be used to optimise our communication with you.
Our newsletter provider will also use this data for purposes of analysis and optimisation of their own service, but only in pseudonymised form (meaning that your identification is not possible). But your data will not be used by the provider to contact you directly.
Your data will remain stored for as long as you are stored in our mailing list, the storage is required to enforce our rights or it is necessary for our legitimate interest or we are required by law to keep your data.
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the Google Analytics tool provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. This allows to analyse the use of websites and to put together pseudonymous profiles of users based on the data. In order to do this, Google applies different technologies, among them also storing cookies on your computer. These store information about the use of our page, which we will use to improve our offers.
The data collected by Google may be transferred by Google to countries outside of the EU, in particular to the USA. We have concluded a data processing agreement with Google, according to which Google only processes your data according to our instructions. This agreement ensures, that your data will be transferred to the US solely on the base of the standard contractual clauses, see the Google Ads Data Processing Terms for further information. The Google Ads Data Processing Terms are available here: https://business.safety.google/adsprocessorterms/.
We have taken additional precautions to ensure the appropriate protection of your data as far as possible. Before transferring it to Google, we anonymize your IP address. This is achieved by activating the Anonymizelp() feature in the tracking code of Google Analytics.
We have also concluded a contract with Google about the processing of data, according to which Google will not combine your data with other data collected by Google in order to find out your identity.
If this should not be sufficient for you, you can also use the link http://tools.google.com/dlpage/gaoptout
to download and install a browser plugin provided by Google to block Google Analytics, preventing Google from collecting and transferring your personal data.
You can also prevent the data collection by Google Analytics by confirming the subsequent link deactivate Google Analytics to deactivate Google Analytics by setting an opt-out cookie which will also prevent the collection of your data.
You will find more information about Google’s precautions regarding data protection at the following link:
Additionally for the general handling with cookies, their deactivation and transfer of data to third parties (in particular USA) we refer to the general part of this declaration.
Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the security plugin iThemes Security provided by Liquid Web LLC, 2703 Ena Drive, Lansing, MI 48917, USA to prevent attacks on our website. Login attempts, logout requests, requests for suspicious URLs, changes to the content of the site and password updates are recorded by the plugin and stored for 30 days in order to block massive requests and attacks on our website.
iThemes cannot be blocked, because that would remove the protection of our website.