Privacy policy

In this privacy policy, we would like to inform you about what personal data we process for what purpose, how and where, particularly in connection with our investinthurgau.ch website and our other services. We will also inform you about the rights of persons whose data we process in this privacy policy.

Special, supplementary or other privacy policies and other legal documents such as general terms and conditions (GTCs), terms of use or terms and conditions of participation may apply to individual or additional offerings or services.

1. Contact addresses

Controller responsible for the processing of personal data:

Amt für Wirtschaft und Arbeit, Wirtschaftsförderung Thurgau
(Thurgau Office for the Economy, Labor and Economic Development)

Canton of Thurgau
Amt für Wirtschaft und Arbeit, Wirtschaftsförderung Staubeggstrasse 2
8510 Frauenfeld

wifoe[at]tg.ch

If other controllers are responsible for processing personal data, we will flag this on a case-by-case basis.

2. Processing of personal data

2.1 Definitions

Personal data is any information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, with particular reference to storing, disclosing, procuring, collecting, erasing, saving, altering, destroying and using personal data.

2.2 Legal bases

We process personal data in accordance with Swiss data protection law, which particularly includes the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).

2.3 Type, scope and purpose

We process all personal data necessary to permanently provide our website in a user-friendly, secure and reliable way. This personal data may fall into the categories of inventory and contact data, browser and device data, content data, meta/application data and usage data, location data, and sales, contract and payment data.

We process personal data for any period necessary for the respective purpose or purposes, or as required by law. If processing is no longer necessary for personal data, it is anonymized or erased. If we process someone’s personal data, they have a fundamental right to erasure.

We strictly only process personal data with the data subject’s consent, unless processing is permitted for other legal reasons, for example to perform a contract to which the data subject is a party, to take corresponding steps prior to entering into a contract or to safeguard our overriding legitimate interests because processing is evident from the circumstances or following prior notice.

In this context, we particularly process information data subjects transmit to us personally and on a voluntary basis when they contact us, for example by post, email or telephone, via a contact form or via social media, or when registering for a user account. As examples, we may store such information in an address book, a customer relationship management system (CRM system) or using comparable resources. If you transmit data to us that concerns other persons, you are obliged to guarantee data protection for such persons and you are obliged to ensure the accuracy of such personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect when providing our website, insofar as and to the extent that such processing is permitted by law.

2.4 Processing of personal data by third parties, including processing abroad

We may have personal data processed by commissioned third parties, we may process personal data together with third parties and with the assistance of third parties, and we may transmit data to third parties. Such third parties particularly include providers whose services we use. We also guarantee adequate data protection for such third parties.

Such third parties are generally located in Switzerland and in the European Economic Area (EEA). However, such third parties may also be located in other states and territories and elsewhere in the universe provided that their data protection law guarantees adequate data protection in the view of the Swiss Federal Data Protection and Information Commissioner (FDPIC), or if adequate data protection is guaranteed on other bases, for example through a corresponding contractual agreement, particularly on the basis of standard contractual clauses, or through corresponding certification. In exceptional cases, such a third party may be located in a country that does not have adequate data protection, provided that the data protection requirements, such as the data subject’s explicit consent, are met.

3. Data subject rights

Data subjects – whose personal data we process – have rights under Swiss data protection law. These include the right of access and the right to rectification, erasure or suppression of the personal data processed.

Data subjects – whose personal data we process – have a right to lodge a complaint with a competent supervisory authority. The supervisory authority for data protection in Switzerland is the Swiss Federal Data Protection and Information Commissioner (FDPIC).

4. Data security

We take appropriate and suitable technical and organizational measures to ensure data protection and data security in particular. However, the processing of personal data online may involve security vulnerabilities even though such measures have been taken. We cannot guarantee absolute data security.

Access to our website takes place via transport encryption (SSL/TLS, in particular with hypertext transfer protocol secure, abbreviated as HTTPS). Most browsers indicate transport encryption by showing a padlock in the address bar.

As with all internet use, access to our website is subject to unfounded mass surveillance without suspicion and other surveillance by security authorities in Switzerland, the European Union (EU), the United States of America (USA) and other countries. We do not have direct control over the processing of personal data by secret services, the police or other security authorities.

5. Website use

5.1 Cookies

We may use cookies on our website. Cookies – both our own cookies (first-party cookies) and cookies from third parties whose services we use (cookies from third parties or third-party cookies) – are data stored in your browser. Such stored data does not necessarily have to be limited to traditional cookies in text form. Cookies cannot run programs or transmit malware such as Trojans or viruses.

When you visit our website, cookies can be temporarily saved in your browser as ‘session cookies’ or for a set period of time as ‘permanent cookies’. ‘Session cookies’ are automatically deleted when you close your browser. Permanent cookies have a set storage period. In particular, they allow your browser to recognize our website when you visit us again and as a result, they measure the reach of our website, for example. However, permanent cookies can also be used for online marketing, for example.

You can fully or partially disable or delete cookies in your browser settings at any time. Without cookies, you may be unable to use our website to its full extent. If and to the extent necessary, we actively request your explicit consent to the use of cookies.

If cookies are used for success and reach measurement, or for advertising, it is possible to generally opt out of a number of services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance) or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

5.2 Server log files

We may collect the following information each time you access our website, provided that this is transmitted from your browser to our server infrastructure or can be identified by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual sub-pages of our website accessed including the volume of data transmitted, last website accessed using the same browser window (referrer).

We store this information, which can also include personal data, in server log files. The information is necessary to permanently provide our website in a user-friendly and reliable way, and to be able to ensure data security and thus the protection of personal data in particular – including by third parties or with the assistance of third parties.

5.3 Tracking pixels

We may use tracking pixels on our website. Tracking pixels are also called web beacons. Tracking pixels – also from third parties whose services we use – are small, usually invisible images that are automatically retrieved when you visit our website. The same information can be collected with tracking pixels as is collected in server log files.

6. Social media

We are present on social media platforms and other online platforms to communicate with interested parties and to be able to inform you about our offering. Here, personal data may be processed outside Switzerland and the European Economic Area (EEA).

The general terms and conditions (GTCs), terms of use, privacy policies and other regulations of the individual operators of such online platforms apply respectively. These regulations particularly inform you about data subject rights, which especially include the right of access.

7. Success and reach measurement

We use services and programs to find out how our website is used. In this context, we can, for example, measure the success and reach of our website as well as how effective third-party links are on our website. We can also try out and compare how different versions of our website or parts of it are used (‘A/B testing’ method). Based on the findings of success and reach measurement, we can in particular fix errors, strengthen particularly popular content or make improvements to our website.

When using services and programs to measure success and reach, the Internet Protocol (IP) addresses of individual users have to be stored. IP addresses are strictly truncated to comply with the principle of data economy through corresponding pseudonymization and to improve data protection for visitors to our website (‘IP masking’).

When using services and programs to measure success and reach, cookies can be used and user profiles created. As an example, user profiles include the pages visited or content viewed on our website, information on the size of the screen or browser window and the – at least approximate – location. User profiles are strictly created in pseudonymized form. We do not use user profiles to identify individual visitors to our website. Individual services for which you are registered as a user may, if necessary, link the use of our website to your profile for the respective service. You usually have to give your prior consent to this.

In particular, we use:

Google Analytics: success and reach measurement; provider: Google LLC (USA)/Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and in Switzerland; data protection information: measurement across different browsers and devices (cross-device tracking) with pseudonymized Internet Protocol (IP) addresses, which in exceptional cases may be transmitted to Google in the USA in full, ‘Our privacy and security principles’, Privacy Policy, ‘Google product privacy guide’ (including Google Analytics), ‘How Google uses information from sites or apps that use our services’ (information from Google), ‘How Google uses cookies’, ‘Google Analytics Opt-out Browser Add-on’, ‘Ad personalization’ (enable/dis able/settings).

8. Third-party services

We use services from third parties to permanently provide our website in a user-friendly, secure and reliable way. These services are also used to allow us to embed content into our website. These services – hosting and storage services, video services and payment services, for example – need your Internet Protocol (IP) address, as they would otherwise be unable to transmit the content. These services may be provided outside Switzerland and the European Economic Area (EEA), as long as adequate data protection is ensured.

For their own security-relevant, statistical and technical purposes, third parties whose services we use may also process data in connection with our website and from other sources – including cookies, log files and tracking pixels – in aggregated, anonymized or pseudonymized form.

8.1 Digital infrastructure

We use third-party services in order to make use of digital infrastructure for our website. As an example, this includes hosting and storage services provided by specialist providers.

8.2 Audiovisual media

We use third-party services to directly play audiovisual media such as music or videos on our website.

In particular, we use:

Vimeo: videos; provider: Vimeo Inc. (USA); data protection information: ‘Data protection’, Privacy Policy.

8.3 Fonts

We use third-party services to embed selected fonts, as well as icons, logos and symbols, into our website.

In particular, we use:

Google Fonts: fonts; provider: Google LLC (USA)/Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and in Switzerland; data protection information: ‘What does using the Google Fonts API mean for the privacy of my users?’, ‘Our privacy and security principles’, Privacy Policy.

9. Final provisions

We created this privacy policy using the data protection generator provided by Datenschutzpartner.

We may change and add to this privacy policy at any time. We will notify you of such changes and additions in a suitable form, in particular by publishing the respective current privacy policy on our website.