C&G Trading GmbH
Company Name: C&G Trading GmbH / xpwear
C&G Trading GmbH or xpwear, Seestrasse 89, 8700 Küsnacht, Switzerland (hereinafter referred to as "we" or "us") attaches great importance to the protection of your personal data (information and details). When storing and processing your user data, we therefore fully comply with the relevant European, federal and cantonal legal regulations.
We take all reasonable steps to ensure that personal information cannot be accessed by unauthorized third parties. In addition, we will only disclose user information if we are required to do so by law or regulation.
For certain online services, the provision and registration of your personal data is unavoidable. If you provide us with personal information online that is not related to the conclusion of a contract, this personal data will not be evaluated or used or passed on for other purposes, unless you are expressly informed of this (e.g. by pointing out and subsequently accepting this data protection provisions).
- Visiting our websites (www.xpwear.com, www.xpwear.ch, www.xpwear.de and www.xpwear.at)
- Contact via contact form
- Marketing measures
- E-mail traffic
- All processing processes related to the execution of the contract
The controller is understood to be the natural or legal person who, alone or jointly with others, decides on the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
The person responsible for data processing on this website is:
C&G Trading GmbH, Seestrasse 89, CH-8700 Küsnacht
Basically, you provide us with your personal data for specific purposes. However, this personal data may also be used for other purposes where we have the right and permission to do so (legal basis/consent). We may also use personal information from other companies or sources for certain purposes where permitted by law.
The following categories of data will be processed, provided that you have transmitted them directly or indirectly to the responsible bodies:
- Contact details
- Payment, Purchase and Transaction Information
- Body measurements / clothing size
- Information about the customer account
- Information about behaviour on our websites
- Preferences in relation to our products
- Browsing Information
- About mobile devices
- Interaction and activities on social media (comments, reviews, etc.)
- Personal opinion (reviews, social media interactions, etc.)
Together with our provider, we have taken appropriate technical and organizational security measures to prevent accidental or intentional manipulation, loss or destruction of data or unauthorized access to it when using our website.
Encryption and a secure connection can be recognized by the "https://" extension in the address bar. In addition, depending on the browser type, a security lock or key symbol is displayed in the status bar at the bottom of the browser window and/or in the address bar of the browser.
When an encrypted connection is established, our server certificate together with the server address is first checked by the certification authority for validity and affiliation. This process ensures that your data is really sent to us and cannot be diverted to third parties. In addition, the certificate contains the key for encryption.
Older web browsers do not support SSL or TLS encryption technology. If you are using an older browser version, we recommend that you update to a newer version. We do not accept any liability for loss of data or diversion of data to third parties if browsers that do not support SSL or TLS encryption technology are used or necessary updates have not been made.
Our system uses targeted cookies to provide visitors with a better user experience. Cookies are small files that are exchanged between the visitor's browser and the web server and are written to the hard drive by the visitor's browser. Cookies can also be switched off (under browser settings / Except for so-called "essential cookies").
The following data may be collected:
- Information about the type of browser and the version used
- the user's IP address
- Date and time of access
- Path of the accessed website
- Status of the accessed website
If the data subject deactivates the setting of cookies in the internet browser used, not all functions of our website may be fully usable.
For websites, we use the consent technology of Digital Data Solutions B.V. (CookieFirst) to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document them in compliance with data protection regulations. The provider of this technology is Digital Data Solutions B.V. (CookieFirst). We are entitled to change providers without corresponding notice to customers or visitors to the website.
We use a wide variety of analysis tools to identify analyses of customer behaviour on our websites. The reason for this is that visitors to the website can be shown customer-specific advertising on social networks or other advertising platforms and a solution that is as tailor-made as possible can be developed.
It is possible that data that does not allow any direct conclusions to be drawn about the person may be transmitted to analytics service providers abroad (e.g. Google Analytics, Google Tag Manager, FB Pixel, etc.) in order to process the above-mentioned process.
The following analysis tools can be used on our website:
- Shopify Analytics
- Meta Pixel
- Tiktok Pixel
We have no influence on the disclosure by the analytics tool provider.
In the following, hosting is understood to mean the provision of web storage space. We host the content of the website with the following provider:
Shopify International Limited
Victoria Buildings, 2. Etage
1-2 Haddington Road
Dublin 4, D04 XN32, Ireland
The personal data collected on this website is stored on the host's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.
The external hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers and in the interest of a secure, fast and efficient provision of our online offer by a professional provider.
Our host will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.
The following service providers can be integrated into our website:
- X (formerly Twitter)
- External payment service providers (Visa, Mastercard, American Express, PayPal, Apple Pay, Shopify, Twint)
- Google (u.a. Google Maps, Google Invisible reCAPTCHA)
- Adobe Fonts
- Swiss Post
When using the above-mentioned services, the privacy policies of the respective third-party providers apply. Data collected as a result of visiting the website may be passed on to the above-mentioned third parties, which may be based in third countries. A transfer of your data to a third country is therefore possible. The responsibility for becoming aware of the relevant data protection provisions lies with the data subject himself/herself. We have no influence on the processing activities of the third party.
Exceptions: External service providers as well as companies that belong to the same group as us, who process the data that is absolutely necessary for this purpose on our behalf. All of these data recipients have committed themselves in their data protection regulations or in an order processing agreement to ensure compliance with data protection and data security.
This means that we can have data processed by a processor. In any case, the legal requirements will be complied with and the processor will be contractually obliged to process the data only in accordance with the contractual agreements between us and the data subject in accordance with the present data protection regulations. Every person has the right to prohibit the disclosure of the data or the storage of the data with external service providers (e.g. cloud providers), provided that our contractual obligations can still be fulfilled as a result.
For the comment function on this website, in addition to your comment, information about the time the comment was created, your e-mail address and, if you do not post anonymously, the username you have chosen, will be stored.
In order to process the contract, it is imperative to process personal data.
Therefore, we collect personal data in order to process data in accordance with the law and store it in accordance with the relevant articles of the law for legally compliant accounting.
You will only receive e-mails or e-newsletters from us with your consent and can be excluded from receiving further communications at any time. If data is obtained from a third party, we may use personal data for marketing purposes after fulfilling the necessary information obligations in accordance with the relevant legal provisions. You can also prohibit this editing at any time.
By concluding a purchase contract with us, you agree that the personal data may be processed by us for marketing purposes by means of newsletters. A revocation can be asserted at any time.
Note on e-mail traffic: Please note that the e-mails from you to us or from us to you are not encrypted and are therefore not considered a secure means of communication. E-mails can be cached, evaluated and read by intermediaries, for example by e-mail providers (such as Hotmail, Gmail, Cablecom, etc.), employers (for business e-mails), etc., but also by so-called "man in the middle", especially - but not only - when using WLAN. Do not use e-mails to communicate confidential matters or to transmit confidential data, especially personal data.
We would also like to draw your attention to the fact that e-mails can be stored on external servers (so-called clouds).
The newsletter is sent via the mailing service provider 'MailChimp'. This is based in the USA. It is therefore possible that your personal data will be disclosed when the newsletter is sent to the USA.
The newsletters as well as other marketing measures by e-mail may contain so-called tracking pixels. A web beacon is a miniature graphic that is embedded in such e-mails, which are sent in HTML format to enable log file recording and log file analysis. As a result, a statistical evaluation of the success or failure of online marketing campaigns can be carried out. The embedded tracking pixel allows us to see if and when an email has been opened by a data subject and which links in the email have been accessed by the data subject. Such personal data collected via the tracking pixels contained in the newsletters will be stored and evaluated by the controller in order to optimize the newsletter dispatch and to adapt the content of future newsletters or marketing measures even better to the interests of the data subject. Data subjects are entitled to revoke the declaration of consent given in this regard at any time. We automatically interpret unsubscribing from receiving the newsletter or other marketing measures as a revocation.
The processing of personal data in the context of online events and competitions is based on the consent of the data subjects, which is obtained in each case when registering for the competition.
By registering for an event or competition, you agree that companies closely associated with us may display, edit, analyze and use your information internally for any post-processing. We also reserve the right to review all registrations and revoke them in justified cases.
The processing in connection with competitions is carried out either by ourselves or by processors specifically commissioned for the respective processing, with whom there are written contracts that regulate in particular the confidential and secure processing of this data in accordance with our instructions.
Data subjects have the right to withdraw their consent at any time and to object to the further processing of their data.
To communicate with our customers, we use online conference tools, among other things. If you communicate with us via video or audio conference via the Internet, your personal data will be collected and processed by us and the provider of the respective conference tool.
With regard to the processing by us, the present data protection provisions apply. The processing by the provider of a corresponding platform is carried out on the basis of its data protection provision and must be noted by the customer in advance if necessary.
Customers who leave a written review for the products purchased may be published on our website as a reference review.
A revocation of consent to publication can be communicated to firstname.lastname@example.org at any time.
Consent to the delivery of advertising or newsletters can be revoked at any time.
If you provide contact details that allow you to contact us by phone, we may use them for marketing purposes.
In addition to the collection of personal data directly from the data subjects, we also reserve the right to obtain data from third parties, in particular for credit checks and for the procurement of purchase probability values. The personal information relevant for order and payment processing may be transmitted to a specialized company in Switzerland for credit checks.
We may also obtain data from third parties for marketing purposes. In such a case, we protect the rights of the person concerned to information and access. These can be claimed under email@example.com.
Among other things, e-mail address, surname, first name and residential address can be obtained.
In order to process the orders, to provide you with different payment options, to provide a smooth payment process, to ensure that your payment is received, as well as to comply with the requirements of our Terms and Conditions (to sell products to you), including invoice processing, delivery, personalization services, exchanges and refunds, it cannot be concluded that our solutions for detecting Consider fraud in your transaction to be suspicious and potentially fraudulent. Please note that the payment fraud detection system is based on automated decision-making. This is necessary for us to conclude the contract with you. You have the right to request a human review of this decision.
A deletion or correction of the personal data can be requested at any time under firstname.lastname@example.org. The prerequisite for binding deletion is that the user no longer has an existing contractual relationship with us and that there are no statutory retention obligations that speak against deletion.
All other rights granted by the Data Protection Act can be exercised under the above-mentioned e-mail address. In particular, information about data processing within our company can be obtained.
We are entitled to request proof of identity of the person asserting information rights. This is in order to protect the interests of all persons/parties involved.
Insofar as you have given us your consent for the processing of your personal data, this was the legal basis for the processing (Art. 6 (1) (a) GDPR).
Please also note Section 3 for consent to the transfer of data to recipients outside the European Economic Area (Art. 49 para. 1 sentence 1 letter a GDPR).
The legal basis for the processing of personal data for the purposes of initiating or fulfilling a contract with you is Art. 6 (1) (b) GDPR.
In addition, we process personal data for the purposes of safeguarding our legitimate interests as well as the legitimate interests of third parties in accordance with Art. 6 (1) (f) GDPR (e.g. third-party payment services). The maintenance of the functionality of our IT systems, the (direct) marketing of our own and third-party products and services (insofar as this is not done with your consent) and the legally required documentation of business contacts are such legitimate interests.
The controller collects and processes the personal data of applicants for the purpose of handling the application process. The processing may also be carried out electronically.
If the controller does not conclude an employment contract with the applicant, the application documents will be deleted promptly after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller or the applicant has given consent to further processing.
The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or the named rights holders. For the reproduction of all files, the written consent of the copyright holders must be obtained in advance.
We disclaim any liability that goes beyond the mandatory legal requirements.
In particular, with regard to data protection, the accuracy of information (prices or availability of products), links to other websites or the up-to-dateness of website information.
Swiss law applies to the legal relationship between us and data subjects with regard to data protection issues. Subject to conflicting mandatory statutory provisions, the exclusive place of jurisdiction is Zurich.