This privacy policy provides information about how we process personal data as part of our activities and services – including the use of our website at limitlessit.ch . In particular, we explain for what purposes, in what manner, and at what locations we process which personal data. We also provide information about the rights of those whose data is affected.

1. Responsible body

Responsible for data processing on this website is:
Limitless IT
Hohlstrasse 335
8048 Zurich
info@limitlessit.ch

2. Definitions of terms

Affected person

This refers to a natural person whose personal data we process.
Personal data

This is all information relating to an identified or identifiable natural person.

Particularly sensitive personal data

This category includes sensitive data such as information on trade union, political, religious or philosophical beliefs and activities, information on health or privacy, ethnic or racial origin, genetic and biometric data that uniquely identify a person, as well as data on criminal or administrative sanctions, prosecutions or social assistance measures.

editing

Processing refers to any handling of personal data – regardless of the means and methods used. This includes, but is not limited to: recording, obtaining, storing, organizing, adapting, retrieving, comparing, linking, sharing, disclosing, archiving, deleting, destroying, or otherwise using data. 2.2 Legal Basis

Personal data is processed in accordance with the provisions of Swiss data protection law, in particular the Federal Data Protection Act (DSG) and the associated Data Protection Ordinance (DSV).

3. Type, scope and purpose of processing personal data

We only process personal data that is necessary to provide our services and activities in a long-term, user-friendly, secure, and reliable manner. This may include, in particular, the following categories: browser and device data, content and communication data, metadata, usage data, master data (including contact and inventory data), location information, transaction, contract, and payment data.

In addition, we also process data that is made available to us by third parties, comes from publicly accessible sources or that we collect ourselves in the course of our activities – provided this is permitted by law.

Processing takes place – where necessary – with the express consent of the data subjects. However, in many cases, we can also process data without consent, for example, to fulfill legal obligations or in cases of overriding legitimate interests. Even if consent is not required, we reserve the right to obtain it voluntarily.

Personal data is stored only for as long as necessary for the respective purpose. We then delete or anonymize the data, particularly taking into account statutory retention and limitation periods.

4. Disclosure of personal data

In certain cases, we share personal data with third parties, have it processed by third parties, or process it jointly with third parties. These are usually specialized service providers who support us in providing our services.

Such recipients may include, for example, banks and financial service providers, public authorities, educational institutions, research partners, lawyers, consultants, interest groups, IT and software service providers, cooperation partners, credit agencies, logistics and shipping companies, advertising and marketing agencies, media companies, associations, social institutions, telecommunications providers and insurance companies.

5. Transfer of personal data abroad

We generally process personal data within Switzerland. However, in certain cases, it may be necessary to transfer data to recipients in other countries or to have it processed there.

Data will only be transferred to countries that, in accordance with the decision of the Swiss Federal Council, guarantee an adequate level of data protection – regardless of the country or continent (or theoretically the universe) in which the recipient is located.

If the level of data protection in the target country is not considered adequate, we ensure that alternative protective measures are in place – for example, through the use of standard contractual clauses or comparable contractual guarantees. In exceptional cases, personal data may also be transferred without such guarantees, for example, if the data subject has expressly consented or the transfer is necessary for the conclusion or performance of a contract.

Upon request, we will be happy to provide data subjects with information about the existing guarantees or provide a copy.

6. Rights of data subjects and contact

Your data protection rights

As a data subject, you have comprehensive rights regarding your personal data under applicable data protection law. Below, we provide an overview of these rights:

• Right to confirmation and information
  You have the right to request confirmation as to whether we process your personal data. You can also obtain information about the data stored about you, as well as its origin, recipient, purpose, and duration of processing, free of charge at any time.
• Right to rectification
  If your stored personal data is incorrect or incomplete, you can request that it be corrected or supplemented immediately.
• Right to erasure (“right to be forgotten”)
  You have the right to request the immediate erasure of your personal data if one of the following reasons applies:
  • The data is no longer required for the original purposes.
  • You withdraw your consent and there is no other legal basis.
  • You object and there are no overriding legitimate reasons.
  • The data was processed unlawfully.
  • Deletion is required by law.
  • The data was collected in connection with an offer to children.
• Right to restriction of processing
  Under certain circumstances, you have the right to restrict the processing of your data – for example, if the accuracy of the data is contested or if deletion is not (yet) legally possible.
• Right to data portability:
  Upon request, we will provide you with your personal data in a structured, common, and machine-readable format. You can also request that we transmit this data directly to another controller, where technically feasible.
• Right to object:
  You can object to the processing of your data at any time if this arises from your particular situation. After receiving your objection, we will no longer process your data unless compelling legitimate grounds prevent this or legal claims are asserted.
• Right to withdraw consent.
  You can withdraw your consent to data protection at any time with future effect. The processing carried out up to the time of withdrawal remains lawful.

7. Further data protection information

SSL/TLS encryption

To protect confidential content and ensure the secure transmission of data – for example, for inquiries you send to us via our website – we use SSL or TLS encryption. You can recognize a secure connection by the fact that the web address in your browser’s address bar begins with “https://” and a lock symbol is displayed. If encryption is active, the transmitted data cannot be read by third parties.

Contact form

If you contact us via our contact form, the data you enter – including your contact details – will be saved in order to process your request and, if necessary, to be able to return to it for further questions.

Advertising and spam emails

The use of the contact information published in the context of the imprint obligation to send unsolicited advertising and information materials is hereby expressly prohibited. In the event of unsolicited advertising content being sent – ​​for example, by email or post – the operators of this website expressly reserve the right to take legal action.

8. Integration of third-party services

Our website uses various services from Google and other providers to improve functionality, analytics, and user experience. Personal data may be processed and transferred to servers outside Switzerland and the EU, particularly in the USA. Please note that an equivalent level of data protection cannot be guaranteed for the USA.

Services such as Google Maps for displaying maps, Google Invisible reCAPTCHA for protection against bots and spam, and YouTube for embedding videos.

These services are provided by Google LLC, based in the USA. Cookies may be used, and data is transmitted to servers in the USA. To the best of our knowledge, Google does not track any personal information simply by using these features.

Google has committed to maintaining an adequate level of data protection under the Privacy Shield Agreement between Switzerland, the EU and the USA.

Further details on data processing by Google can be found in Google’s privacy policy .

Google Ads & Conversion-Tracking

We use Google Ads to deliver targeted advertising. When you access our site via an ad, a cookie is stored that allows us to measure the success of our advertising campaigns. These cookies expire after 30 days and are not used for personal identification.

Google Remarketing

Using remarketing, we can show interest-based advertising to visitors to our website on other sites within the Google network. Cookies are stored in the browser for this purpose. You can opt out of this use at any time, for example, via https://www.google.com/settings/ads .

Google Analytics

We use Google Analytics to statistically analyze website usage. IP addresses are anonymized so that there is no direct personal reference. Google processes the data on our behalf. You can prevent the collection of data using a browser plug-in or an opt-out cookie: https://tools.google.com/dlpage/gaoptout.

Google Web Fonts

We use Google Fonts to ensure consistent font display. When you visit a page, your browser downloads the required fonts from Google servers. Further information can be found at: https://fonts.google.com .

Google Tag Manager

We use Google Tag Manager to manage analytics and marketing tags. This does not process any personal data itself, but enables the integration of other Google services.

Microsoft Services

We use various Microsoft services depending on the users’ geographical location:

• For persons in the European Economic Area (EEA), Switzerland and the United Kingdom, the responsible provider is Microsoft Ireland Operations Limited (Ireland).
• For users outside these regions, Microsoft Corporation (USA) is responsible.

For more information about data protection at Microsoft, see the following resources:
“Data protection at Microsoft,” “Data protection and privacy,” the full privacy statement, and information about data and privacy settings.

Integration of social media content and functions

We integrate features and content from social networks on our website, e.g., to display posts or facilitate sharing. We use plugins and interfaces from the following providers:

• Facebook (Meta Platforms Ireland Ltd. & meta companies in the US):
  Integration of typical social media elements such as “Like” and “Share” buttons as well as embedded content. Data protection information can be found in the Facebook privacy policy.
• Instagram (Meta Platforms Ireland Ltd. & meta companies in the US):
  Displays embedded posts from the Instagram platform. Further information on data processing can be found in the privacy policies of Instagram and Facebook.
• LinkedIn (Microsoft):
  Integration of features of the LinkedIn platform, e.g., via the “Share Plugin.” Information on data protection, cookies, and opt-out options (e.g., against personalized advertising or messages) can be found in LinkedIn’s privacy policy and cookie policy.
• X (formerly Twitter):
  Integration of posts, buttons and other elements of the X platform.
  Provider:
  • For users in the EEA and the United Kingdom: Twitter International Unlimited Company (Ireland)
  • For all other users: X Corp. (USA)
    Relevant privacy information can be found in the X Privacy Policy and in the information on personalized advertising, identity inference and privacy controls.

9. Notifications, newsletters and performance measurement

Sending messages

We only send communications such as emails, newsletters, or similar information if you have expressly consented or if this is legally permissible. The so-called double opt-in process can be used for registration: After registration, you will receive a confirmation email with an activation link to verify your registration. For verification and security purposes, this consent, including your IP address and timestamp, may be logged.

Content and technology

Our notifications may contain so-called tracking pixels or links. These allow us to record whether a message has been opened and which links have been clicked. This information helps us statistically evaluate usage and better tailor the content to the interests and reading habits of the recipients.

Objection and deregistration

You can revoke your consent to receive communications or unsubscribe from our mailings at any time – for example, via the unsubscribe link at the end of each message. This also applies to the associated performance measurement. This does not affect communications that are absolutely necessary for operation or contract fulfillment.

Shipping service providers used

To send messages, we use external service providers who work on our behalf and in accordance with contractual agreements with data protection requirements.

10. Presence in social networks

We maintain profiles and pages on various social media and online platforms in order to communicate with interested parties, customers and the public and to inform them about our offers, services and activities.

In connection with the use of these platforms, personal data may also be processed outside of Switzerland. In such cases, the data protection regulations, terms of use, and general terms and conditions (GTC) of the respective platform operators also apply.

These external platforms provide information in their privacy policies about the type and scope of data processing as well as the rights of data subjects, such as the right to information, rectification, or erasure – which must be asserted directly with the respective provider.

11. Use of our website: cookies, protocols and web beacons

11.1 Cookies

Our website uses so-called cookies, which are small text files or similar technologies that are stored on your device. We use both our own cookies (first-party cookies) and third-party cookies.

Cookies can be stored temporarily (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted when you close your browser, while permanent cookies remain stored on your device for a defined period of time. Among other things, they are used to recognize your browser the next time you visit, evaluate your website usage, or display content in a targeted manner (e.g., in online marketing).

You can deactivate or delete cookies in whole or in part at any time via your browser settings. Please note that doing so may limit certain functions of our website. Where necessary, we will obtain your express consent to the use of cookies.

For certain cookies, such as those used for advertising purposes or to measure audience reach, you can generally opt out via platforms such as:

• AdChoices (DAAC)
• Network Advertising Initiative (NAI)
• YourAdChoices (DAA)
• Your Online Choices (EDAA)

make.

11.2 Server log files (logging)

Each time you access our website or other online services, we automatically collect certain technical data. This may be stored in so-called log files and typically includes the following information:

• Date and time including time zone
• IP address of the accessing device
• HTTP status code (access status)
• Operating system and version including user interface
• Browser type, language and version
• subpages accessed including amount of data transferred
• previously visited page (referrer)

This data is necessary to ensure the secure and stable operation of our website, to prevent misuse, and to analyze errors. Processing may also be carried out by third parties or with the involvement of external hosting partners.

11.3 Web beacons

Our website may use so-called tracking pixels (also known as web beacons). These small, mostly invisible graphics or script commands are automatically activated when a page is loaded and enable the collection of usage data – similar to log files.

Web beacons are used by both us and third parties and enable, among other things, the analysis of visitor behavior or the success of online campaigns. Here, too, similar information as with server logging can be collected (e.g., IP address, browser type, time of visit).

12. Liability and changes

12.1 Disclaimer

The content of this website has been created with the utmost care and is regularly reviewed. However, we cannot guarantee the completeness, accuracy, or timeliness of the information provided – including editorial or journalistic contributions. Liability claims for material or immaterial damages resulting from the use of the content are excluded, unless there is evidence of intentional or grossly negligent fault.

The website operator reserves the right to change or remove content at any time and without prior notice. There is no obligation to continuously update the content. Use of this website is at your own risk. No liability is assumed for direct, indirect, or other damages that may arise from its use.

We assume no responsibility for the content of external websites accessible via links from this website. The respective providers or operators of these sites are solely responsible. We expressly distance ourselves from all linked content that could violate applicable law or morality.

12.2 Changes to this Privacy Policy

We reserve the right to amend this privacy policy at any time without prior notice. The most current version published on this website will apply. If this privacy policy is part of a contractual agreement with you, you will be notified of any material changes in an appropriate manner – e.g., by email or through a notice on the website.