Privacy policy

Last updated on: 08.04.2024

Transparent handling of personal data is very important to us. This privacy policy provides information on what personal data we collect, for what purpose we collect it and to whom we may pass it on. To ensure a high level of transparency, this privacy policy is regularly reviewed and updated.

1. Services we use

– Google Fonts API
– WordPress

2. Contact information

Please contact us, in case you have any questions or concerns about the protection of your data:

XRacing GmbH
Chemin Des Jordils 15b
1789 Lugnorre
Switzerland

UID: CHE-255.176.081

3. General principles

3.1 What data do we collect from you and where do we receive it from

Predominantly, we process personal data you provide us with and we collect when operating our website. We may, in certain cases, also receive personal data about you from third parties, such as:

– Personal master data (name, address, etc.);
– contact data (cell phone number, email address, etc.);
– online identifiers (e.g. cookie identifiers, IP addresses).

3.2 The conditions for processing your data

We treat your data confidentially and in accordance with the purposes set out in this privacy policy. We focus on an appropriate and transparent processing.

If, in exceptional cases, we are unable to comply with these principles, data processing may still be justified and lawful, for the following reasons:

– You provided your consent;
– the execution of a contract or specific pre-contractual measures require it;
– we have legitimate interests, provided your interests do not prevail.

3.3 How to withdraw your consent

If you provided us with your consent to process your personal data for specific purposes, we will process your data within the scope of this consent, unless we have additional legitimate justification grounds.

You have the option of withdrawing your consent at any time by sending us an e-mail to . Data processing, which has already taken place, will not be affected by this.

3.4 Cases, in which we may pass on your data to third parties

3.4.1 Principle

We may need to use the services of third parties or affiliated companies and entrust them to process your data (so-called processors). Such processors are namely:

– Accounting, fiduciary and auditing companies;
– consulting companies (legal advice, taxes, etc.);
– IT service providers (web hosting, support, cloud services, website design, etc.);
– payment service providers;
– providers of tracking, conversion and advertising services.

We ensure that these third parties and our affiliated companies comply with data protection requirements and treat your personal data confidentially.

We may also be obliged to disclose your personal data to authorities.

3.4.2 Visiting our social media channels

We may have embedded links to our social media channels on our website. You can recognize this in each case (typically by the respective icons). If you click on one of these icons, you will be redirected to the corresponding social media channel.

In this case, social media providers will learn that you have accessed their platform from our website. The social media providers can use the data collected this way for their own purposes. We point out that we have no knowledge of the content of the transmitted data or its use by the providers.

3.4.3 Transfer abroad

Under certain circumstances, your personal data may be transferred to companies abroad, as part of the order processing. These companies are obliged to protect data to the same extent we are. Such data transfer can be worldwide.

If the level of data protection does not correspond to that in Switzerland, we conduct a prior risk assessment and contractually ensure that the same level of protection is guaranteed like in Switzerland (e.g. by means of the new standard contractual clauses of the EU Commission or other legally binding measures). If our risk assessment is negative, we will take additional technical measures to protect your data. You can access the EU Commissions standard contractual clauses at https://commission.europa.eu/publications/standard-contractual-clauses-
controllers-and-processors-eueea_de

3.5 How long we store your data for

We only store personal data for as long as it is necessary to fulfill the specific purpose, for which the data was collected. Data that we collect when you visit our website is stored for twelve months. Analysis and tracking data may form an exception and may be stored for longer.

We store certain contract related data for longer, as we are required to do so by law. In particular, we must store business communication, concluded contracts and accounting documents for up to 10 years. If such data is no longer needed to provide our services, it will be blocked and used for accounting and tax purposes only.

3.6 How we protect your data

We will keep your data secure and take every reasonable step to protect your data from loss, access, misuse or alteration.

Our contractual partners and employees having access to your data are obliged to comply with data protection regulations. In certain cases, it will be necessary for us to pass on your inquiries to other companies associated with us. In such cases, your data will also always be treated confidentially.

Within our website, we use the SSL procedure (Secure Socket Layer) in conjunction with the highest encryption level supported by your browser.

3.7 Your rights

3.7.1 Right to information

You may request information about the data we have stored about you at any time. Please send your request for information including a proof of your identity to .

You also have the right to receive your data in a commonly used file format, provided that we process your data automatically and you have given your consent to the processing of this data or have disclosed data in connection with the conclusion of a contract.

We may restrict or refuse to provide information or data, if this is in conflict with our legal obligations, our own legitimate interests, public interests or the interests of a third party.

The processing of your application is subject to the statutory processing period of 30 days. However, we may extend this period due to a high volume of requests, for legal or technical reasons or because we require more detailed information from you. You will be informed of the extension in good time, at least in text form.

3.7.2 Right to erasure and rectification

You have the option to request the deletion or correction of your data at any time. We may restrict or refuse your request, if statutory provisions require us to store the data for a longer period or to store it unchanged.

Please note that exercising your rights may be in conflict with contractual agreements and may have corresponding effects on the execution of a contract (e.g. premature termination of a contract or monetary consequences).

3.7.3 Legal process

If you are affected by the processing of personal data, you have the right to enforce your rights in court or to file a complaint with the responsible supervisory authority. The responsible supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch

3.8 Changes to the privacy policy

We may amend this privacy policy at any time. The changes will be published on our website https://www.xracing.ch, you will not be informed separately.

4. Data processing activities

4.1 Deployment of the website and creation of log files

When you visit our website, certain data is automatically stored on our servers or on servers for services and products that we purchase and/or have installed for system administration, statistical, backup or tracking purposes. These are:

– the name of your internet service provider;
– your IP address (under certain circumstances);
– the version of your browser software;
– the operating system of the computer used to access the URL;
– the date and time of access;
– the website from which you visit the URL;
– the search terms you used to find the URL.

This data can not be assigned to a specific person and is not merged with other data sources. The log files are stored to facilitate the functionality of the website and to ensure the security of our information technology systems. Herein lies our legitimate interest.

Data is only stored for as long as it is required to achieve the purpose for which it was collected. Therefore, the data is deleted at the end of each session. The storage of log files is essential for websites in order to function, as such, you have no option to object to this.

4.2 Google Fonts API

On our website, we use the Google Fonts API, a service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”), to integrate fonts. By integrating these fonts, your browser will establish a connection to Google’s servers when you visit our website in order to download the fonts and display them correctly.

Through this connection, data, in particular your IP address and information about the browser you are using, can be transmitted to Google and stored on Google’s servers. These servers may be located in the USA or other countries.

If you wish to prevent the transfer of data as part of the Google Fonts API, you can block access to the domain fonts.googleapis.com in your browser settings. Please note that in this case our website may not be displayed correctly.

4.3 WordPress

Our website is based on the WordPress platform, a content management system developed by Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, USA. WordPress enables us to create, manage and publish content.

When you use our website, which is based on WordPress, various data, including your IP address, the date and time of access and information about the browser you are using, may be collected and stored. This data is mainly used for administrative purposes and to ensure uninterrupted operation of the website.

Some WordPress functions, such as comments or contact forms, may collect additional personal data when you use them.