Privacy policy

This privacy policy informs you about data processing when you visit this website or enter into a contractual relationship with us or are interested in such a relationship.

We reserve the right to amend this data protection information from time to time so that it always corresponds to the actual and legal situation. Please check the data protection provisions regularly when you visit our website.

Our website may also contain links to third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these privacy policies.

The processing of your data is subject to Swiss law and, in certain areas, to the General Data Protection Regulation of the European Union (GDPR) and the United Kingdom (UK GDPR; hereinafter uniformly referred to as GDPR).

1. Meaning of terms

The terminology used in Swiss data protection law and in the GDPR (e.g. personal data/personal data; processing/processing) is used consistently in this privacy policy. They should be understood in the specific case in accordance with the relevant legal regulations.

In this privacy policy, we use the term "data" synonymously with "personal data".

2. Basis for data processing

Your data is processed in compliance with the Swiss Data Protection Act and, in certain areas, the General Data Protection Regulation of the European Union (GDPR) and the United Kingdom (UK GDPR; hereinafter uniformly referred to as GDPR).

The Swiss Data Protection Act (DPA) does not generally stipulate that a legal basis for data processing must be specified. If such a basis is specified, it refers to data processing in accordance with the GDPR.

If we process data on the basis of consent, we will inform you separately in each case, stating the relevant purposes. You can withdraw your consent at any time with effect for the future. You can revoke your consent either directly via the website or by contacting us in writing. You can find the contact information
in section 4.

Insofar as the GDPR applies, we process your data on the legal basis of Art. 6 para. 1 lit. a) GDPR (consent), Art. 6 para. 1 lit. b) GDPR (fulfilment of a contract), Art. 6 para. 1 lit. c) GDPR (legal obligation) or Art. 6 para. 1 lit. f) GDPR (legitimate interests).

3. Person responsible for data processing

Responsible for the data processing described in this privacy policy is

Sarida Bossoni Agency for Directors of Photography Reginastrasse 5 8038 Zurich

4. Contact information

You can contact us for your data protection concerns and to exercise your rights in accordance with
section 12 as follows:

Sarida Bossoni 
Agency for Directors of Photography
Reginastrasse 5, CH-8038 Zurich 
+41 79 279 11 99
welcome@saridabossoni.com

We have created the following additional positions:

Data protection representative in the EU: 
Rickert Rechtsanwaldsgesellschaft mbH
- Agency for Directors of Photography - 
Colmantstrasse 5
53115 Bonn
Germany
art-27-rep-agencyforDOP@rickert.law

Data protection representative in the UK: 
Rickert Services Ltd UK
- Agency for Directors of Photography - 
PO Box 1487
Peterborough
PE1 9 XX
United Kingdom
art-27-rep-agencyforDOP@rickert-services.uk

5. Data processing

When you visit our website, online identifiers such as your IP address or cookies are automatically recorded.

When you contact us, e.g. by e-mail or telephone, we collect the data you enter and exchange between us, including the marginal data of the communication and the data that is necessary with regard to cooperation and a customer relationship.

Finally, to the extent permitted by law, we receive data from publicly accessible sources, authorities or other third parties (e.g. social media, commercial register entries, etc.).

6. Processing purposes

We process your data for the following purposes:

- Provision of the website
- Contract processing
- General communication with you
- Marketing and relationship management
- Improvement and development of our offer
- Analysis and optimisation of the use of the website
- Security purposes
- Compliance with legal or regulatory requirements

7. Disclosure of data to third parties

With regard to the items 6 we also transfer your data to service providers such as IT providers or providers of the tools listed below.

In addition, we also transmit data to authorities if we have a legal obligation to do so.

8. Data transmission abroad

In connection with the transfer of data to third parties, it is possible that your data will not only be processed in Switzerland. If the statutory data protection in the relevant recipient country does not correspond to the level of data protection in Switzerland, we will take appropriate measures to ensure that a transfer may take place, e.g. by concluding the standard contractual clauses of the European Union or that another option provided for by law exists, e.g. by us fulfilling a contractual obligation for you or you giving us your consent .

9. Duration of data processing

In principle, the data is deleted as soon as the purpose has been fulfilled and there are no longer any statutory retention obligations.

10. Data security

We have taken technical and organisational measures, which are regularly reviewed and adapted to technical progress, to protect your data from loss, access, misuse or alteration.

11. Your rights

As a data subject, you have the following rights in connection with the processing of your data relevant under data protection law:
- Right to information about what data we store about you and how we process it
- Right to rectification of your data
- Right to erasure or restriction of your data
- Right to object to data processing
- Right to data portability, i.e. to request the surrender of certain data in a commonly used
format or its transfer to another controller.
- Right to lodge a complaint with a supervisory authority

The contact details of the Federal Data Protection and Information Commissioner can be found here:

https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html.

If you have any questions about data protection, please send an e-mail to welcome@saridabossoni.com.

12. Individual data processing

12.1 Provision of the website

The following data is collected when you visit our website:
- IP address (if possible, this is stored anonymised)
- Domain name of the website you came from
- Names of the retrieved files
- Date and time of a retrieval
- Name of your Internet Service Provider
- and, if applicable, the operating system and browser version of your end device

We only store IP addresses for data security reasons in order to guarantee the stability and security of our system. We reserve the right to statistically analyse anonymised data records.

We also use cookies on the website. Cookies are small pieces of data that are stored in the browser of the website visitor.

We use so-called "session cookies". Such cookies are automatically deleted at the end of your visit to the website. Other cookies remain stored on your end device until you delete them.

Cookies are used to ensure the security of this website, to measure system effectiveness and to optimise the user experience.

Cookies can be used to track your movements and actions on this website.

You can use the Consent Management Tool (cookie banner) and your browser settings to configure cookies on your end device. Please note that if you completely deactivate cookies, you may no longer be able to use all the functions of this website.

Legal bases:
- Legitimate interests (Art. 6 para. 1 lit. f GDPR);
- Consent (Art. 6 para. 1 lit. a) GDPR).

12.2 Vimeo videos

We have integrated Vimeo videos on our website, which are stored on the servers of the provider Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011, and can be played from our website via embedding. When you play these videos, cookies are stored on your computer and data may be transferred to Vimeo.

When videos stored on Vimeo are played, at least the following data is currently transmitted to Vimeo LLC: IP address and cookie, the specific address of the page accessed on our site, system date and time of access, identification of your browser.

This data is transmitted regardless of whether you have a Vimeo user account through which you are logged in or whether you do not have a user account. If you are logged in in this way, Vimeo LLC may assign this data directly to your account. If you do not wish to be associated with your profile, you must log out of the Vimeo platform before activating the play button for the video.

Further information and Vimeo's privacy policy can be found here: https://vimeo.com/privacy

Legal bases:
- Legitimate interests (Art. 6 para. 1 lit. f GDPR);
- Consent (Art. 6 para. 1 lit. a) GDPR).

12.3 Social networks (social media)

We maintain an online presence on Instagram to communicate with the users active there and to provide information about us and our services.

From the website you can access Instagram via links. Detailed information and the privacy policy can be found here: https://help.instagram.com/519522125107875

Legal bases:

- Legitimate interests (Art. 6 para. 1 lit. f GDPR);

- Consent (Art. 6 para. 1 lit. a) GDPR).

12.4 Customer relationships and general business communication

When you contact us (e.g. by telephone, e-mail or chat) or we contact you, we process the personal data required for this.

We primarily process the personal data that we require from our clients and other business partners as part of our client relationships and other contractual relationships with them and other persons involved.

We process the following information in particular:
- Contact information (e.g. surname, first name, address, telephone number, e-mail, other contact information)
- Edge data for communication (e.g. IP address, communication channel)
- Personal information (e.g. date of birth, nationality, marital status, passport / ID number, AHV number, family circumstances, etc.)
- Financial information (e.g. data on bank details, tax information)
- Other information that the user uploads, provides or creates while using the video conferencing service as well as metadata used for the maintenance of the service provided.
- Personal information (e.g. profession, function, employer company)

We process personal data for the purposes described on the basis of the following legal bases:
- Initiation, conclusion or execution of a contract with the data subject or in favour of the data subject, including contract initiation and possible enforcement
- Fulfilment of legal obligations
- Contact mediation
- Initiation of further collaborations

Legal bases:
- Fulfilment of a contract (Art. 6 para. 1 lit. b) GDPR);
- Fulfilment of legal obligations (Art. 6 para. 1 lit. c) GDPR);
- Legitimate interests (Art. 6 para. 1 lit. f GDPR);
- Consent (Art. 6 para. 1 lit. a) GDPR).

We may disclose data to the following third parties: Clients, travel companies, accounting and IT service providers.

We use services such as "Zoom", "Google Meet" or a service of your choice to organise telephone conferences, online meetings and video conferences.

Further information and Zoom's privacy policy can be found here: https://explore.zoom.us/en/privacy/

Further information and Google Meet's privacy policy can be found here: https://support.google.com/meet/answer/9852160?hl=en

In connection with the transfer of data to third parties, it is possible that the data will not only be processed in Switzerland.