Data Protection Policy Gallery von Bartha

Protecting your data is of utmost importance to us. With this privacy policy, we, Gallery von Bartha, aim to inform you about how we collect, use, disclose, and otherwise process personal data. The processing of personal data is carried out in accordance with the provisions of the Federal Act on Data Protection and the General Data Protection Regulation in their respective valid versions.

1. Data Controllers

Responsible for the processing of personal data is Gallery von Bartha unless we inform you otherwise in individual cases. The entity responsible according to this privacy policy is Gallery von Bartha, Kannenfeldplatz 6, 4056 Basel. For inquiries regarding data protection, you can always contact us at the following address:

Gallery von Bartha & Co.
Kannenfeldplatz 6
4056 Basel
+41613221000
info@vonbartha.com

2. Types of Personal Data

Personal data refers to all information relating to a specific or identifiable natural person. The personal data we collect includes names, postal addresses, email addresses, telephone and fax numbers, company names, bank details, and business connections of our customers and business partners.
An affected person is any natural person whose personal data is processed.

3. Collection of Personal Data

Some of the personal data is provided to us by the affected individuals themselves when they provide this information to us, use our services, subscribe, or unsubscribe to our newsletter, or contact us by email or phone. These data include, for example, names, addresses, and bank details. We may also collect personal data ourselves, for example, when affected individuals use our services, or we extract data from publicly accessible sources (e.g., debt collection registers, commercial registers, press, internet, media, social media) (e.g., information from media and the internet, credit reports, your addresses, and possibly interests and other socio-demographic data). Additionally, we may receive data from our business partners, other companies, or third parties.

4. Processing of Personal Data

We use the personal data we collect for communication purposes, including not only the processing of our business activities but also marketing activities such as sending newsletters and other information about our company, invitations to events, and other activities. We also process personal data to comply with our legal or regulatory obligations, including documentation and compliance with legal requirements.
Where consent has been granted for the processing of personal data for specific purposes (e.g., subscribing to newsletters), we process the personal data within the defined scope and based on this consent. If necessary, we may also base the processing of personal data on other legal grounds.

5. Purpose of Data Processing

We primarily use personal data to fulfill the purposes of our organization, to provide our services, to initiate and process transactions with our customers and business partners, and to comply with our legal obligations. Furthermore, we process personal data for advertising and marketing purposes, market and opinion research, and the development of our offerings. We rely on our legitimate interests in maintaining our business relationships and communicating with potential customers. These interests are in line with applicable data protection laws.

6. Duration of Retention

If no explicit retention period is stated at the time of collection or in this privacy policy, we process and store personal data until it is no longer necessary to fulfill the processing purpose, unless legal retention obligations (e.g., cultural property protection, commercial and tax retention obligations) prevent deletion. It is possible that personal data may be retained for the period during which claims can be asserted, and as far as we are otherwise legally obligated or have legitimate business interests (e.g., for evidence and documentation purposes, for the purpose of fulfilling our duty of care according to Art. 16 KGTG).

7. Data Security

As part of our business activities, we disclose personal data to third parties to the extent permitted and deemed appropriate. These third parties particularly include our service providers (e.g., banks, insurance companies, cloud providers), merchants, suppliers, and other business partners, as well as domestic and foreign authorities. In this context, your personal data may be stored in Switzerland and other countries in Europe and the USA, where our service providers are located. When processing personal data outside Switzerland or the European Economic Area, we take the necessary measures required by applicable data protection laws to ensure that your personal data is treated as securely and protected as in Switzerland or within the European Economic Area, unless we can rely on an exception provision.
We protect personal data through appropriate security measures to prevent loss, misuse, unauthorized access, disclosure, alteration, or destruction. We implement suitable technical and organizational measures. However, we cannot guarantee the absolute security of data.

8. Rights of the Affected Person

An affected person has the right to information, correction, deletion, or restriction of the processing of personal data, the right to object to the processing, and the right to data portability. Consent given for specific data processing can be revoked at any time, but this does not affect data processing that has already taken place. Additionally, affected individuals have the right to assert their claims in court or file a complaint with the competent data protection authority.