Privacy Policy

 

Last Updated: 1st March 2024

Universal Genève SA (“we”, “our”, or “us”) is committed to protecting the privacy and security of your personal information. This privacy policy explains how we collect, use, and share your personal information when you visit our website or use our services.

We operate the website www.universal.ch and its services. For more information about our services, see our Terms of Use here: www.universal.ch/terms-of-use/.

1. Who We Are and How to Contact Us or Relevant Authorities

Our company name is Universal Genève SA. We are registered in Geneva, Switzerland under company registration number CHE-103.061.464 HR/MWST, with our main office located at Chemin du Grand- Puits 38, 1217 Meyrin, Switzerland.

Hosting services for our website is provided by AWS in their servers in Switzerland.

2. Direct collection:

When you contact us at contact@universal.ch to inquire about our products, after sales services or any other request, we may collect personal information such as your name, surname, email address, details of your request.

Automatic Collection: We may automatically collect information when you use our website or contact us electronically, including:

  • Technical information such as IP address, login information, browser type and version, time zone, browser plug-ins, operating system, and platform.
  • Information about your visit, such as URLs, clickstream data, page response times, download errors, page interaction details.
  • Cookies: Our website only uses cookies that are strictly necessary to ensure to correct functioning of the website. Cookies are small files that are saved on your computer or mobile device when you visit or use our website. Cookies save certain settings via your browser (e.g. preferred language) as well as data regarding information exchanged with the website via your browser.

Sensitive information: We do not process sensitive or special categories of personal information such as ethnicity, religious or political beliefs, health, or sexual life data.

Children: Our services are not intentionally directed to or intended for use by those under 18. We do not knowingly collect personal information from anyone under 16 years of age.

3. Why and How We Use Personal Information

We use your personal information for specific reasons and only if we have a legal basis (justification) to do so. Below is a list of examples of the main reasons for our processing and their legal basis:

  • Customer support: Replying to inquiries, notifying you of changes and solving issues via support and where necessary, for handling legal claims.
    Legal basis: consent and legal requirements.
  • Running and improving our services: guarantee correct functioning of our website, security maintenance, fraud prevention, managing risks, testing features, managing landing pages.
    Legal basis: legitimate interest and legal requirements.
  • Performing our agreements: Processing and fulfilment of orders, supplying goods or services, generating invoices or other payment documents, processing payments, shipping, and delivery.
    Legal basis: contract.
  • Other reasons: We may also seek your consent for specific purposes. When we do so, we will explain the purpose in the relevant consent request. Furthermore, if required by law or public authorities, we may use your personal information to comply with such requirements.
    Legal basis: consent and legal requirements.

More details on legal bases:

  • Contract: We generally process your personal information when we need to do so to fulfil a contractual obligation or entering into a new contract with you.
  • Legitimate interest: We may process your personal information for service-related reasons, including risk and fraud prevention, support, improving products and services, reporting and analytics, feature testing, and communications. This basis will only be used after performance of a legitimate interest assessment that guarantees that your rights and freedoms are not undermined, and the processing is in line with your reasonable expectations based on our relationship.
  • Legal requirements: we may use your personal information to comply with legal obligations.
  • Consent: We may use your data with your consent, which you can withdraw anytime by emailing us at dataprivacy@breitling.com

4. Sharing Your Data with Third Parties

We partner with third parties to guarantee the functioning of the website (i.e. AWS), provide our services and products, which sometimes requires sharing your personal information with them. These third parties might include payment processors, shipping companies, hosting services, customer communication platforms, mail handling services, analytics providers, and customer relationship management platforms, This is only applicbale where such a sharing is required to satisfy your request.

We may also share your personal information:

  • Within our company group (i.e. Breitling S.A.) for internal business and operational purposes;
  • During business transitions such as mergers, acquisitions, or asset sales; and/or
  • When legally required (e.g., for law enforcement investigations or other legal proceedings)

5. International transfer of data

We store your data on servers located in Switzerland. Where, in line with this privacy policy, your personal data is to be transferred outside of the European Economic Area, we will ensure this is performed in line with national and international legislations (e.g. under Chapter V of the GDPR). In particular, where required by law, your personal data will only be transferred to countries offering an adequate level of protection according to the European Commission.

6. Your Data Protection Choices and Rights

Under applicable data protection laws (including the GDPR and Swiss Federal Act on Data Protection), you have rights regarding our processing of your personal information, such as access, rectification, objection,complaint, erasure, and blockage. Exercising these rights is free of charge. Please contact us by email at privacy@breitling.com if you wish to make a request in relation to:

  • Accessing your personal information;
  • Correcting inaccurate or incomplete personal information;
  • Erasing your personal information;
  • Restricting processing of your personal information;
  • Objecting to processing, if to receive your Personal Data in a structure, commonly used and machine-readable format or have such transmitted to another controller;
  • Withdrawing consent;

If you make a request, we have one month to respond to you. This period may be extended by two further months where necessary, taking into account the complexity and number of the requests.

If you are dissatisfied with the way we manage your personal information, we encourage you to contact us first so that we can attempt to resolve your concerns. You can always reach out to the relevant data protection authority.

7. Retention of your personal data

We will keep your Personal Data no longer than the reasonable time necessary for the purposes as set out in this Privacy Policy and for satisfying any legal or regulatory requirements, and more particularly:

Personal Data processed for answering your request and providing you information about us, our products, special offers our services, and our business partners, will be kept for 3 years after your last contact with us or upon the date of withdrawal of your consent or objection to such communication;

Personal Data processed for the good performance and management of our contractual relationship with you, will be kept for the necessary duration but no longer than 10 years after the end of your business relation with us or your last contact with us;

Personal Data collected to prevent fraud and other prohibited or illegal activities will be kept for the duration necessary for protecting ourselves in the event of a legal claim but no longer than 10 years from the last processing;

Data processing records related to the management of your request for access to, rectification or deletion of your Personal Data, will be kept for the duration necessary for protecting ourselves in the event of a legal claim but no longer than 5 years from the last event.

The above data retention periods apply, unless we may be required by law, in specific circumstances, to retain the data for a longer duration.

In accordance to section 14 below, you have the right to ask for the deletion of your Personal Data at any time, to the extent compatible with legal obligation that may impose longer data retention periods on us.

At the end of these data retention periods, your Personal Data will be permanently deleted or fully anonymized.

8. Security

Keeping your Personal Data secure is important to us. Whilst we are unable to guarantee 100% security, we will do our best and put in place measures in order not to allow your Personal Data to be accessed by unauthorized third parties.

9.Changes to our Privacy Policy

We may update this privacy policy from time to time. Any changes will be posted here and, if appropriate, notified by email. Please check back regularly for any updates or changes.