Privacy Policy

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations, as well as this privacy policy. Personal data is only collected and processed on this website to the extent that is necessary. The following statement gives you an overview of how we ensure this protection and what type of data is collected for what purpose.

Name and address of the controller

The controller as per the data protection legislation is:

Arbonia AG
Amriswilerstrasse 50
9320 Arbon

T +41 71 447 41 41 

1. Personal data

When you use this website, various personal data is collected. Personal data is data which can be used to identify you personally. In your case, this may be your name, your e-mail address or your phone number, for example.

2. Minors

Minors (i.e. those under the age of 18) must not transfer any personal data to us without the consent of a parent or guardian. We recommend that all parents and guardians familiarise the minors in their care with the safe and responsible use of personal data on the internet. We will never knowingly collect any personal data from minors, nor will we use it in any way or disclose it to third parties.

3. Collection and processing of personal data

a) When visiting our website

When you visit our website, we process data which your browser automatically sends to us. The data comprises your IP address, the time of the server request, the browser type and version, the operating system used, the referrer URL and the host name of the accessing computer. We only process personal data relating to the use of our website if this is necessary to allow the user to use the service.

This data is collected and processed for internal statistical purposes. The basis for the processing of data is the performance of a contract or pre-contractual measures. The other basis for the processing of data is our legitimate interest in processing the data in order to ensure the stability and security of the website.

We sometimes also use cookies. Cookies are small text files which are stored on your computer and which your browser saves. They are used to make our presence more user-friendly, effective and secure. Most of the cookies we use are what are known as session cookies. They will be automatically deleted at the end of your session. Cookies do not harm your computer and do not contain viruses.

How do I prevent cookies being saved?

If you want to block cookies, you can change your browser settings to enable this. Below you can find instructions for making cookie settings in every major browser:

If you block cookies, no information about your device or surfing behaviour during your website session will be stored. Blocking cookies will affect how our website performs. It may mean that you are not able to use all the functions and services that we offer.

We use the following Google Analytics cookies:  

  • _ga
    Google Analytics
    This cookie is used to distinguish between users.
    Stored for 2 years
  • _gid
    Google Analytics
    This cookie is used to distinguish between users.
    Stored for 1 day

Information on Google Analytics

Google Analytics is a web analytics service provided by Google Inc.(1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). When you visit our website, Google collects data on our behalf in order to analyse how you use the website and compile website activity reports for us. We have concluded a contract data processing agreement with Google.

Analysing how our website is used allows us to keep improving it. The provider uses cookies to help achieve this. Examples of the data collected include information on the operating system and browser, your IP address, the website from which you accessed our website (referrer URL) and the date and time of your session on our website. The information generated by this text file concerning the use of our website is transferred to Google servers (in the USA) and stored there. IP anonymisation is used on our website. Your IP address is shortened in the territory of EU member states and the European Economic Area, including Switzerland. This prevents your IP address from being linked to you.

You have the option to prevent Google Analytics from using your data by downloading a browser add-on for this purpose: 

You can obtain more detailed information on data privacy directly from Google: 

b) When using a contact form/sending an e-mail

When you complete the contact form, your enquiry is sent via e-mail to the relevant contact person.

When you send us an e-mail or complete the contact form, the data that is transferred voluntarily (such as your title, first name, surname, phone number and company name) will only be used for correspondence with you. If it needs to be used for any other purpose, we will expressly inform you of this and ask for your consent.

As communication via e-mail does not provide a secure data connection, please refrain from sending any confidential information in this way. Any messages are stored in the inboxes associated with the relevant e-mail addresses. Arbonia AG’s e-mail infrastructure is hosted in Switzerland.

Your personal data is processed on the basis of your consent. You can revoke this consent at any time. To do this, you can simply send an informal e-mail to The lawfulness of any data processing actions performed before the revocation remain unaffected by the revocation.

Your personal data remains with us until you request that we erase it, you revoke your consent to store it or the purpose of storing the data no longer applies (e.g. after your request has been processed). Statutory storage periods remain unaffected by this.

c) Data processing in application procedures

We collect and process the personal data of applicants for the purpose of handling the application procedure. If an employment contract is concluded with an applicant, the transferred data is stored for the purpose of handling the employment relationship, taking legal provisions into account. 

If an employment contract is not concluded with the applicant, the application documents are deleted six months after the notification of rejection, provided the deletion does not conflict with any other legitimate interests of the controller. 

Personal data is processed for the aforementioned purposes on the basis of consent or a legitimate interest which conflicts with deletion.

We may cooperate with other Arbonia group companies and other third-party data processors (e.g. IT service providers). Any transfer of personal data is carried out in accordance with the applicable data protection laws, and suitable contractual, technical and organisational measures exist.

Personal data is stored exclusively in Germany and Switzerland.

Information on rexx

We use the services of rexx systems GmbH, Headquarters, Süderstrasse 75–79, 20097 Hamburg, Germany (referred to below as “rexx”). The Swiss subsidiary, rexx systems Schweiz AG, is registered at Sparrenbergstrasse 5, 8103 Zurich. Once your personal data has been entered and transferred as part of the application procedure, it may be sent, via an encrypted connection, directly to the rexx server, which stores the data in encrypted form exclusively on its server at the computer centre of Host Europe GmbH (Cologne). In this case, all data is encrypted using SSL. If you log in with the user data provided after registration, SSL encryption is also used for this.

Personal data is transferred in accordance with the applicable data protection laws, and suitable contractual, technical and organisational measures exist. Both the controller and the provider implement technical and organisational safety measures to protect your collected data from accidental or wilful manipulation, loss, destruction or access by unauthorised persons. Our safety measures are continually being improved in line with the latest technological developments.

d) Data processing for the purpose of sending press releases

On our website, you can subscribe to press releases in English or German. When you subscribe, the data you provide will be used for the purpose of sending press releases, provided you have not consented to any additional use.

After you subscribe, you will receive a confirmation e-mail to the e-mail address that you have provided. The subscription process will not be complete until you have clicked on the link in this e-mail. Processing takes place exclusively on the basis of your consent. You can revoke the consent you have granted to store the data and e-mail address, and to their use, at any time via the unsubscribe option in the press release. The lawfulness of the data processing actions already performed before the revocation remains unaffected by the revocation.

Data you provide when subscribing is stored by us until you are removed from the distribution list and have unsubscribed from press releases. Any personal data that we have stored for another purpose or based on another consent (e.g. e-mail addresses for other functions on the website) remain unaffected by this.

In order to send press releases, we use a subcontractor in Germany that stores your personal data for the purpose of sending press releases within Germany.

e) Providing contractual services

We process personal data to the extent necessary in each case in order to provide you with our contractual or pre-contractual services, and in order to perform other services that you have requested. The data that is processed in this case, and the nature, scope, purpose and necessity of processing it, are determined on the basis of the underlying contractual relationship.

Processed data includes master data (such as your name and address), contact data (such as your e-mail address and phone number), contractual data (such as services used, contract content, contractual communication and names of contact persons) and payment data (such as bank details and payment history).

Data is erased in cases where it is no longer required to fulfil contractual or legal obligations; the need to store data is reviewed at intermittent intervals. Otherwise, statutory retention obligations apply.

4. Website hosting

This website is hosted by an external service provider (host). Personal data collected on this website is stored on the host’s servers. This data mainly refers to IP addresses, contact requests, meta and communication data, contractual data, contact data, names, website access instances and any other data generated via a website.

The host is used in order to fulfil our contractual obligations to our potential and existing customers, and in the interests of providing our online presence securely, quickly and efficiently through a professional provider. Our host will only process your data to the extent that is necessary to fulfil its performance obligations and will follow our instructions in relation to the data. The host is maxcluster GmbH, Lise-Meitner-Strasse 16, 33104 Paderborn, Germany. Data is hosted in Frankfurt. To ensure that processing is compliant with data protection requirements, we have concluded a contract concerning contract processing with our host.

5. Passing on personal data to third parties

We always handle your personal data confidentially and only pass it on in cases where you have granted your consent to this, we have a legal obligation or are entitled to do so, or doing so is necessary for the purpose of asserting our rights; in particular, asserting any claims arising from the contractual relationship.

Additionally, we pass on your personal data to third parties if this is necessary or appropriate in the context of the website being used or services that you have requested being provided (including outside the website).

The legal provisions concerning passing on personal data to third parties are, of course, adhered to in these cases. In cases where we engage contract processors in order to provide our services, we put suitable legal safeguards in place and take appropriate technical and organisational measures to ensure that your personal data is protected in accordance with the applicable legal provisions.

If the level of data protection in a country where the data is being processed does not line up with the applicable data protection provisions, we will put contractual measures in place to ensure that the protection of your personal data is consistently at the same level as protection that would be provided in Switzerland or the EU/EEA; for example, by using EU standard contractual clauses.

If any data is exchanged within the Group, we will put appropriate contracts in place and observe the applicable data protection provisions to ensure that your data is protected.

6. Duration of storage

We will only process and store your personal data for the period required to achieve the purpose of storage or to the extent required in laws or provisions to which we are subject. If the purpose of storage no longer applies or if the specified storage period elapses, your data will be routinely blocked or erased in accordance with statutory provisions.

7. Data security

We put technical and organisational security measures in place to protect your personal data against manipulation, loss, destruction or access by unauthorised persons, and to ensure that your rights are protected and applicable statutory data protection provisions are adhered to.

The measures are designed to maintain the confidentiality and integrity of your data, and to ensure that our systems and services remain available and resilient over extended periods when your data is being processed. It is also intended to ensure that the availability of your data and access to it can be restored quickly in the event of a physical or technical incident.

Our data processing and security measures are continually being improved in line with the latest technological developments.

We also take our own internal data protection measures very seriously. Our employees and the service providers contracted by us are obligated to observe secrecy and comply with data protection regulations. Additionally, access to personal data will only be granted to employees and service providers to the extent necessary.

8. Your rights

In the information below, we outline which rights you have in relation to your personal data. Please note that data protection provisions and practices are subject to constant change. For this reason, it is advisable and essential to stay abreast of any changes in legal provisions and company practices.

Rights of access and rectification

At any time and without the need to give a reason, you may gain access to data of yours that we have stored by contacting You also have the right to request that incorrect personal data is rectified and, if necessary, incomplete personal data is completed in our systems.

Right to processing restrictions

You may contact  to request that the processing of personal data affecting you is restricted. If the processing of personal data affecting you has been restricted, this data may – with the exception of being stored – only be processed with your consent, for the purpose of asserting, exercising or defending legal claims, for the purpose of protecting the rights of another natural or legal person, or for reasons of substantial public interest.

Right to erasure

You have the right to contact to request that your personal data is erased; for example, if the data is no longer required for the purposes that were being pursued. If we are obligated to retain your personal data due to legal or contractual retention obligations, however, we may restrict or block your personal data only to the extent that is necessary in such cases.

Right to information

If you have asserted the right to rectification, erasure or restriction of processing, you have the right to contact in order to receive information about the recipients to whom we have disclosed your personal data.

Right to data portability

You have the right to contact in order to receive your personal data – i.e. the personal data that we process using automated means on the basis of your consent or in order to perform a contract – in a structured, conventional and machine-readable format and to request that this data is transferred to a third party. If you request that data is transferred directly to another controller, this will only take place if it is technically feasible to do so.

Right to object

You have the option of objecting to the data collection and storage outlined in the Privacy Policy. Additionally, you may revoke the consent you have granted us to collect and use data at any time, with future effect and without the need to give a reason, by contacting

Right to lodge complaints

Complaints may be lodged with the Swiss Federal Data Protection and Information Commissioner (FDPIC) at any time. 

Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1, CH-3003 Bern, Switzerland, 

9. Contact

Your trust is important to us. For this reason, we want to be available to answer questions about the processing of your personal data at any time. If you have any questions that this Privacy Policy does not answer or if you require more information on something, please contact us via e-mail at

Last updated: September 2023