Version of September 1, 2023
In this data protection declaration (hereinafter “ declaration ”), we, HAPPY OFFICINE SÀRL (hereinafter “ we ”), explain how we collect and process personal data.
The term “ personal data ” or “ data ” means any information that relates to a specific or identifiable individual.
If you provide us with the personal data of other people (for example, family members or work colleagues), please ensure that these people are aware of this data protection declaration and do not share their data with us only if you are authorized to do so and if this personal data is correct.
Please note that other data protection rules or general conditions, conditions of participation and similar documents may govern data protection in relation to specific topics.
This data protection declaration is aligned with the EU General Data Protection Regulation (“ GDPR ”) and the Swiss Data Protection Act (“ DPA ”). However, the application of these laws depends on each case.
In this document, the terms used to designate people or functions are taken in the generic sense; they have both feminine and masculine value.
HAPPY OFFICINE SÀRL, is responsible for processing the data we describe here, unless otherwise indicated in particular cases. If you have any questions regarding data protection, you can send them to us using the following contact details:
Postal address: Route de la Mortigue 1, 1072 Forel
Collection and processing of personal data
We mainly process personal data that we receive from our customers and other business partners in the context of our business relationship with them and other persons involved in this relationship, or that we collect from their users in the context of operation our website(s) and other programs. To the extent permitted, we also collect certain data from publicly accessible sources (e.g. debt collection register, land register, commercial register, press and internet) or receive this data from public authorities and other third parties (such as credit agencies or address providers).
In addition to the data about you that you communicate directly to us, the categories of data that we receive from third parties include, in particular, information from public registers, information that we become aware of in the context of official and legal procedures, information relating to your functions and business activities (for example, to enable us to enter into and process transactions with your employer with your assistance), information about you in correspondence and meetings with third parties, credit assessments (to the extent we carry out transactions with you personally), information about you provided by people close to you (family, advisors, legal representatives, etc.) to enable us to enter into contracts or agreements with third parties or with you, respectively contracts or agreements concerning you (e.g. obtaining references), your address for deliveries, powers of attorney, information on compliance with legal requirements such as anti-money laundering and export restrictions , information from banks, insurance companies (e.g. payments and purchases made), personal data from the media and the Internet (if appropriate in the specific case, e.g. in the context of an application, a press review, marketing/sales, etc. ), your addresses and, where applicable, your interests and other socio-demographic data (for marketing purposes), data related to the use of the website (e.g. IP address, MAC address of the smartphone or computer , information about your device and its settings, cookies, date and time of visit, pages viewed and content, functions used, referring website, location information).
Purpose of data processing and legal bases
We use the personal data that we collect mainly to conclude and execute our commitments with our customers and partners, in particular in the context of the distance selling and delivery of cosmetic, food supplement and well-being products.
As part of this activity, we collect personal data for transactions with our customers and the purchase of products and services from our partners and subcontractors, as well as to comply with our legal obligations in Switzerland and abroad. stranger. If you work for such a client or partner, your personal data may of course also be affected in this capacity.
We also process your data and that of others, to the extent permitted and we consider it appropriate, for the following purposes in which we (and sometimes also third parties) have a legitimate interest:
Cookies / Tracking and other techniques relating to the use of our website(s)
Subject to applicable law, we may include visible and invisible image files in our newsletters and other marketing emails . If these image files are retrieved from our servers, we can determine if and when you opened the email, which allows us to measure and better understand how you use our offers and personalize them. You can deactivate this function in your email; This is usually a default setting.
By using our website(s) and agreeing to receive newsletters and other marketing emails, you consent to our use of these techniques. If you object, you must configure your browser or email accordingly.
We may use Google Analytics or similar services on our website(s). These are services provided by third parties, which may be located in any country in the world (in the case of Google Analytics Google Ireland Ltd. (located in Ireland), Google Ireland relies on Google LLC (located in the United States) as a processor (both " Google ", www.google.com ) and which allow us to measure and evaluate the use of our website (on an anonymous basis). end, permanent cookies are used, which are set by the service provider. We have configured the service in such a way that the IP addresses of visitors are truncated by Google in Europe before being transmitted to the United States and that it is then impossible to trace them. We have disabled the "data sharing" option and the "signals" option. Although we assume that the information we share with Google does not constitute personal data for Google, Google may be able to determine the identity of visitors based on the collected data, create personal profiles and link this data to the Google accounts of these persons for its own purposes. If you have registered with the service provider, the service provider will also know your identity. In this case, the processing of your data by the service provider takes place within the framework of its data protection rules. The service provider only provides us with data on the use of the respective website (but not any personal information about you).
In addition, we use social media plugins such as Facebook, Twitter, YouTube, Pinterest or Instagram on our websites. You can see these elements (usually by the corresponding logos). We have configured these items to be disabled by default. If you activate them (by clicking on them), the operators of the respective social networks can record that you are on our website and exactly where on our website you are located and can use this information for their purposes. This processing of your data is the responsibility of the operator concerned and is carried out in accordance with its data protection provisions. We do not receive any information about you from the relevant operator.
Transfer of data to third parties
In the course of our business activities and in accordance with the purposes described in point 3, we may transfer data to third parties, to the extent that such transfer is permitted and we deem it appropriate, so that they process the data for us. or, where applicable, for their own needs. In particular, the following categories of recipients may be affected:
together, the “ recipients ”.
If we transmit data to recipients, we comply with the relevant legal requirements and, in particular, we conclude data processing contracts or agreements similar with the respective recipients in order to protect your data.
Data transfer abroad
We may share data with recipients, individuals, authorities, organizations, companies or other entities abroad. In particular, we may transfer personal data to any countries in which our service providers process personal data.
If a recipient is located in a country without adequate legal data protection, we require the recipient to contractually comply with the applicable data protection (for this purpose we use the revised standard contractual clauses of the European Commission , which are available here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is already subject to a set of legally recognized rules to guarantee protection data and we cannot rely on an opt-out provision. An exemption may apply in particular in the event of legal proceedings abroad, but also in cases of overriding public interests or if the execution of a contract requires such a transfer, if you have consented to it, or if it This is data that you have made generally available and to the processing of which you have not objected.
Duration of retention of personal data
We process and keep your data for as long as is necessary for the performance of our contractual and legal obligations or for the purposes pursued by the processing, that is to say, for example, for the entire duration of the commercial relationship ( from the conclusion to the termination of a contract) and beyond under legal retention and documentation obligations. In this context, we may retain personal data for the period during which claims may be made against our company and to the extent that we are required to do so by law or legitimate business interests. (e.g. for evidentiary and documentation purposes). As soon as your data is no longer necessary for the aforementioned purposes, it will be deleted or anonymized as far as possible. For operational data (e.g. system logs and logs), shorter retention periods of twelve months or less are generally expected.
We take appropriate technical and organizational security measures to protect your data against unauthorized access and misuse.
We already take the protection of personal data into account when designing or choosing hardware, software or processes using appropriate technical and organizational measures. In addition, we ensure that the default settings are data protection-friendly.
Obligation to provide data
As part of our commercial relationship, you must provide the personal data necessary for its implementation and execution, as well as for compliance with the contractual obligations linked to it (you generally have no legal obligation to provide us provide data). Without this data, we will generally not be able to enter into or perform any contract with you (or the entity or person you represent). Furthermore, our website(s) cannot be used if certain traffic security information (such as IP address) is not disclosed.
Profiling and automated individual decisions
We may partially process your data automatically in order to evaluate certain personal aspects (profiling). Profiling allows us in particular to inform you and advise you more precisely on products likely to interest you. To this end, we may use evaluation tools that allow us to communicate with you and advertise to you where necessary, including market and opinion research.
When establishing and implementing a business relationship, we generally do not use fully automated individual decision-making (as provided for by Art. 22 GDPR). If we use such procedures in certain cases, we will notify you separately and explain your rights in this matter if required by law.
To the extent that applicable law provides (in particular where the GDPR applies), you have the following rights:
Please note, however, that we reserve the right to assert restrictions provided for by law, for example if we are obliged to retain or process certain data, if we have an overriding interest in doing so (to the extent that we can do so). take advantage of it) or if we need it to assert rights. If you incur any costs, we will notify you in advance. We have already informed you of the possibility of withdrawing your consent in point 3. Please note that the exercise of these rights may conflict with contractual provisions and may result in consequences such as early termination of the contract or charges. We will inform you in advance if this is not already specified in the agreement.
Exercising these rights generally requires you to prove your identity (for example, by using a copy of your identity card, where your identity is unclear or cannot be verified). To exercise your rights, you can contact us at the address indicated in point 1.
Any data subject also has the right to assert their rights in court or to lodge a complaint with the competent data protection authority. The competent authority for data protection in Switzerland is the Federal Data Protection and Transparency Commissioner (http://www.edoeb.admin.ch).
Changes to this data protection declaration
We may change this data protection declaration at any time and without notice. The current version published on our website(s) is authoritative. If this data protection declaration is part of an agreement concluded with you, we will inform you by e-mail or other appropriate means in the event of a change.